/* Type definitions for non-npm package Network Management API v1beta1 0.0 */ // Project: https://cloud.google.com/ // Definitions by: Maxim Mazurok // Nick Amoscato // Declan Vong // Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped // IMPORTANT // This file was generated by https://github.com/Maxim-Mazurok/google-api-typings-generator. Please do not edit it manually. // In case of any problems please post issue to https://github.com/Maxim-Mazurok/google-api-typings-generator // Generated from: https://networkmanagement.googleapis.com/$discovery/rest?version=v1beta1 // Revision: 20260617 /// declare namespace gapi.client { /** Load Network Management API v1beta1 */ function load( urlOrObject: 'https://networkmanagement.googleapis.com/$discovery/rest?version=v1beta1', ): Promise; /** @deprecated Please load APIs with discovery documents. */ function load(name: 'networkmanagement', version: 'v1beta1'): Promise; /** @deprecated Please load APIs with discovery documents. */ function load( name: 'networkmanagement', version: 'v1beta1', callback: () => any, ): void; namespace networkmanagement { interface AbortInfo { /** Causes that the analysis is aborted. */ cause?: | 'CAUSE_UNSPECIFIED' | 'UNKNOWN_NETWORK' | 'UNKNOWN_PROJECT' | 'NO_EXTERNAL_IP' | 'UNINTENDED_DESTINATION' | 'SOURCE_ENDPOINT_NOT_FOUND' | 'MISMATCHED_SOURCE_NETWORK' | 'DESTINATION_ENDPOINT_NOT_FOUND' | 'MISMATCHED_DESTINATION_NETWORK' | 'UNKNOWN_IP' | 'GOOGLE_MANAGED_SERVICE_UNKNOWN_IP' | 'SOURCE_IP_ADDRESS_NOT_IN_SOURCE_NETWORK' | 'PERMISSION_DENIED' | 'PERMISSION_DENIED_NO_CLOUD_NAT_CONFIGS' | 'PERMISSION_DENIED_NO_NEG_ENDPOINT_CONFIGS' | 'PERMISSION_DENIED_NO_CLOUD_ROUTER_CONFIGS' | 'NO_SOURCE_LOCATION' | 'NO_SOURCE_GCP_NETWORK_LOCATION' | 'NO_SOURCE_NON_GCP_NETWORK_LOCATION' | 'NO_SOURCE_INTERNET_LOCATION' | 'INVALID_ARGUMENT' | 'TRACE_TOO_LONG' | 'INTERNAL_ERROR' | 'UNSUPPORTED' | 'MISMATCHED_IP_VERSION' | 'GKE_KONNECTIVITY_PROXY_UNSUPPORTED' | 'RESOURCE_CONFIG_NOT_FOUND' | 'VM_INSTANCE_CONFIG_NOT_FOUND' | 'NETWORK_CONFIG_NOT_FOUND' | 'FIREWALL_CONFIG_NOT_FOUND' | 'ROUTE_CONFIG_NOT_FOUND' | 'GOOGLE_MANAGED_SERVICE_AMBIGUOUS_PSC_ENDPOINT' | 'GOOGLE_MANAGED_SERVICE_AMBIGUOUS_ENDPOINT' | 'SOURCE_PSC_CLOUD_SQL_UNSUPPORTED' | 'SOURCE_EXTERNAL_CLOUD_SQL_UNSUPPORTED' | 'SOURCE_REDIS_CLUSTER_UNSUPPORTED' | 'SOURCE_REDIS_INSTANCE_UNSUPPORTED' | 'SOURCE_FORWARDING_RULE_UNSUPPORTED' | 'NON_ROUTABLE_IP_ADDRESS' | 'UNKNOWN_ISSUE_IN_GOOGLE_MANAGED_PROJECT' | 'UNSUPPORTED_GOOGLE_MANAGED_PROJECT_CONFIG' | 'NO_SERVERLESS_IP_RANGES' | 'IP_VERSION_PROTOCOL_MISMATCH' | 'GKE_POD_UNKNOWN_ENDPOINT_LOCATION' | 'RESPONSE_TOO_LARGE'; /** IP address that caused the abort. */ ipAddress?: string; /** List of project IDs the user specified in the request but lacks access to. In this case, analysis is aborted with the PERMISSION_DENIED cause. */ projectsMissingPermission?: string[]; /** URI of the resource that caused the abort. Format: * `projects/{project_id}/global/networks/{network_id}` (VPC network) * `projects/{project_id}/zones/{zone}/instances/{instance_id}` (VM instance) */ resourceUri?: string; } interface AppEngineVersionEndpoint { /** An [App Engine](https://cloud.google.com/appengine) [service version](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions) name. */ uri?: string; } interface AppEngineVersionInfo { /** Name of an App Engine version. */ displayName?: string; /** App Engine execution environment for a version. */ environment?: string; /** Runtime of the App Engine version. */ runtime?: string; /** URI of the App Engine version. Format: `apps/{app_id}/services/{service_id}/versions/{version_id}` */ uri?: string; } interface AuditConfig { /** The configuration for logging of each type of permission. */ auditLogConfigs?: AuditLogConfig[]; /** Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. */ service?: string; } interface AuditLogConfig { /** Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. */ exemptedMembers?: string[]; /** The log type that this config enables. */ logType?: 'LOG_TYPE_UNSPECIFIED' | 'ADMIN_READ' | 'DATA_WRITE' | 'DATA_READ'; } interface Binding { /** The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ condition?: Expr; /** Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workforce identity pool. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: All workforce identities in a group. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All workforce identities with a specific attribute value. * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/*`: All identities in a workforce identity pool. * `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single identity in a workload identity pool. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool group. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: All identities in a workload identity pool with a certain attribute. * `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/*`: All identities in a workload identity pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: Deleted single identity in a workforce identity pool. For example, `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. */ members?: string[]; /** Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an overview of the IAM roles and permissions, see the [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For a list of the available pre-defined roles, see [here](https://cloud.google.com/iam/docs/understanding-roles). */ role?: string; } interface CancelOperationRequest {} interface CloudFunctionEndpoint { /** A [Cloud Function](https://cloud.google.com/functions) name. */ uri?: string; } interface CloudFunctionInfo { /** Name of a Cloud Function. */ displayName?: string; /** Location in which the Cloud Function is deployed. */ location?: string; /** URI of the Cloud Function. Format: `projects/{project_id}/locations/{location}/functions/{function_id}` */ uri?: string; /** Latest successfully deployed version id of the Cloud Function. */ versionId?: string; } interface CloudRunJobInfo { /** Name of a Cloud Run job. */ displayName?: string; /** Location in which this job is deployed. */ location?: string; /** URI of the Cloud Run job. Format: `projects/{project_id}/locations/{location}/jobs/{job_id}` */ uri?: string; } interface CloudRunRevisionEndpoint { /** Output only. The URI of the Cloud Run service that the revision belongs to. The format is: projects/{project}/locations/{location}/services/{service} */ serviceUri?: string; /** A [Cloud Run](https://cloud.google.com/run) [revision](https://cloud.google.com/run/docs/reference/rest/v1/namespaces.revisions/get) URI. The format is: projects/{project}/locations/{location}/revisions/{revision} */ uri?: string; } interface CloudRunRevisionInfo { /** Name of a Cloud Run revision. */ displayName?: string; /** Location in which this revision is deployed. */ location?: string; /** URI of Cloud Run service this revision belongs to. Format: `projects/{project_id}/locations/{location}/services/{service_id}` */ serviceUri?: string; /** URI of the Cloud Run revision. Format: `projects/{project_id}/locations/{location}/revisions/{revision_id}` */ uri?: string; } interface CloudSQLInstanceInfo { /** Name of a Cloud SQL instance. */ displayName?: string; /** External IP address of a Cloud SQL instance. */ externalIp?: string; /** Internal IP address of a Cloud SQL instance. */ internalIp?: string; /** URI of a Cloud SQL instance network or empty string if the instance does not have one. In format "projects/{project}/global/networks/{network}". */ networkUri?: string; /** Region in which the Cloud SQL instance is running. */ region?: string; /** URI of a Cloud SQL instance in format "projects/{project}/instances/{instance}" */ uri?: string; } interface ConnectivityTest { /** Whether the analysis should skip firewall checking. Default value is false. */ bypassFirewallChecks?: boolean; /** Output only. The time the test was created. */ createTime?: string; /** The user-supplied description of the Connectivity Test. Maximum of 512 characters. */ description?: string; /** Required. Destination specification of the Connectivity Test. You can use a combination of destination IP address, URI of a supported endpoint, project ID, or VPC network to identify the destination location. Reachability analysis proceeds even if the destination location is ambiguous. However, the test result might include endpoints or use a destination that you don't intend to test. */ destination?: Endpoint; /** Output only. The display name of a Connectivity Test. */ displayName?: string; /** Resource labels to represent user-provided metadata. */ labels?: {[P in string]: string}; /** Identifier. Unique name of the resource using the form: `projects/{project_id}/locations/global/connectivityTests/{test}` */ name?: string; /** Output only. The probing details of this test from the latest run, present for applicable tests only. The details are updated when creating a new test, updating an existing test, or triggering a one-time rerun of an existing test. */ probingDetails?: ProbingDetails; /** IP Protocol of the test. When not provided, "TCP" is assumed. */ protocol?: string; /** Output only. The reachability details of this test from the latest run. The details are updated when creating a new test, updating an existing test, or triggering a one-time rerun of an existing test. */ reachabilityDetails?: ReachabilityDetails; /** Other projects that may be relevant for reachability analysis. This is applicable to scenarios where a test can cross project boundaries. */ relatedProjects?: string[]; /** Output only. The reachability details of this test from the latest run for the return path. The details are updated when creating a new test, updating an existing test, or triggering a one-time rerun of an existing test. */ returnReachabilityDetails?: ReachabilityDetails; /** Whether run analysis for the return path from destination to source. Default value is false. */ roundTrip?: boolean; /** Required. Source specification of the Connectivity Test. You can use a combination of source IP address, URI of a supported endpoint, project ID, or VPC network to identify the source location. Reachability analysis might proceed even if the source location is ambiguous. However, the test result might include endpoints or use a source that you don't intend to test. */ source?: Endpoint; /** Output only. The time the test's configuration was updated. */ updateTime?: string; } interface DeliverInfo { /** Recognized type of a Google Service the packet is delivered to (if applicable). */ googleServiceType?: | 'GOOGLE_SERVICE_TYPE_UNSPECIFIED' | 'IAP' | 'GFE_PROXY_OR_HEALTH_CHECK_PROBER' | 'CLOUD_DNS' | 'PRIVATE_GOOGLE_ACCESS' | 'SERVERLESS_VPC_ACCESS'; /** IP address of the target (if applicable). */ ipAddress?: string; /** PSC Google API target the packet is delivered to (if applicable). */ pscGoogleApiTarget?: string; /** URI of the resource that the packet is delivered to. For example: * `"projects/{project}/zones/{zone}/instances/{instance}"` * `"projects/{project}/regions/{region}/networkEndpointGroups/{network_endpoint_group}"` */ resourceUri?: string; /** Name of the Cloud Storage Bucket the packet is delivered to (if applicable). */ storageBucket?: string; /** Target type where the packet is delivered to. */ target?: | 'TARGET_UNSPECIFIED' | 'INSTANCE' | 'INTERNET' | 'GOOGLE_API' | 'GKE_MASTER' | 'CLOUD_SQL_INSTANCE' | 'PSC_PUBLISHED_SERVICE' | 'PSC_GOOGLE_API' | 'PSC_VPC_SC' | 'SERVERLESS_NEG' | 'STORAGE_BUCKET' | 'PRIVATE_NETWORK' | 'CLOUD_FUNCTION' | 'APP_ENGINE_VERSION' | 'CLOUD_RUN_REVISION' | 'GOOGLE_MANAGED_SERVICE' | 'REDIS_INSTANCE' | 'REDIS_CLUSTER' | 'GKE_POD' | 'CLOUD_RUN_JOB' | 'DMS_PRIVATE_CONNECTION' | 'DATASTREAM_PRIVATE_CONNECTION'; } interface DirectVpcEgressConnectionInfo { /** URI of the VPC network for direct egress. Format: `projects/{project_id}/global/networks/{network_id}` */ networkUri?: string; /** Region in which the Direct VPC egress is deployed. */ region?: string; /** Selected starting IP address, from the selected IP range. */ selectedIpAddress?: string; /** Selected IP range. */ selectedIpRange?: string; /** URI of the subnetwork for direct egress. Format: `projects/{project_id}/regions/{region}/subnetworks/{subnetwork_id}` */ subnetworkUri?: string; } interface DropInfo { /** Cause that the packet is dropped. */ cause?: | 'CAUSE_UNSPECIFIED' | 'UNKNOWN_EXTERNAL_ADDRESS' | 'FOREIGN_IP_DISALLOWED' | 'FIREWALL_RULE' | 'NO_ROUTE' | 'ROUTE_BLACKHOLE' | 'ROUTE_WRONG_NETWORK' | 'ROUTE_NEXT_HOP_IP_ADDRESS_NOT_RESOLVED' | 'ROUTE_NEXT_HOP_RESOURCE_NOT_FOUND' | 'ROUTE_NEXT_HOP_INSTANCE_WRONG_NETWORK' | 'ROUTE_NEXT_HOP_INSTANCE_NON_PRIMARY_IP' | 'ROUTE_NEXT_HOP_FORWARDING_RULE_IP_MISMATCH' | 'ROUTE_NEXT_HOP_VPN_TUNNEL_NOT_ESTABLISHED' | 'ROUTE_NEXT_HOP_FORWARDING_RULE_TYPE_INVALID' | 'NO_ROUTE_FROM_INTERNET_TO_PRIVATE_IPV6_ADDRESS' | 'NO_ROUTE_FROM_INTERNET_TO_PRIVATE_IPV4_ADDRESS' | 'NO_ROUTE_FROM_EXTERNAL_IPV6_SOURCE_TO_PRIVATE_IPV6_ADDRESS' | 'VPN_TUNNEL_LOCAL_SELECTOR_MISMATCH' | 'VPN_TUNNEL_REMOTE_SELECTOR_MISMATCH' | 'PRIVATE_TRAFFIC_TO_INTERNET' | 'PRIVATE_GOOGLE_ACCESS_DISALLOWED' | 'PRIVATE_GOOGLE_ACCESS_VIA_VPN_TUNNEL_UNSUPPORTED' | 'NO_EXTERNAL_ADDRESS' | 'UNKNOWN_INTERNAL_ADDRESS' | 'FORWARDING_RULE_MISMATCH' | 'FORWARDING_RULE_NO_INSTANCES' | 'FIREWALL_BLOCKING_LOAD_BALANCER_BACKEND_HEALTH_CHECK' | 'FIREWALL_BLOCKING_LOAD_BALANCER_ENVOY_PROXY_HEALTH_CHECK' | 'INGRESS_FIREWALL_TAGS_UNSUPPORTED_BY_DIRECT_VPC_EGRESS' | 'INSTANCE_NOT_RUNNING' | 'GKE_CLUSTER_NOT_RUNNING' | 'GKE_POD_NOT_RUNNING' | 'CLOUD_SQL_INSTANCE_NOT_RUNNING' | 'REDIS_INSTANCE_NOT_RUNNING' | 'REDIS_CLUSTER_NOT_RUNNING' | 'TRAFFIC_TYPE_BLOCKED' | 'GKE_MASTER_UNAUTHORIZED_ACCESS' | 'CLOUD_SQL_INSTANCE_UNAUTHORIZED_ACCESS' | 'DROPPED_INSIDE_GKE_SERVICE' | 'DROPPED_INSIDE_CLOUD_SQL_SERVICE' | 'DROPPED_INSIDE_DMS_PRIVATE_CONNECTION' | 'DROPPED_INSIDE_DATASTREAM_PRIVATE_CONNECTION' | 'GOOGLE_MANAGED_SERVICE_NO_PEERING' | 'GOOGLE_MANAGED_SERVICE_NO_PSC_ENDPOINT' | 'GKE_PSC_ENDPOINT_MISSING' | 'CLOUD_SQL_INSTANCE_NO_IP_ADDRESS' | 'GKE_CONTROL_PLANE_REGION_MISMATCH' | 'PUBLIC_GKE_CONTROL_PLANE_TO_PRIVATE_DESTINATION' | 'GKE_CONTROL_PLANE_NO_ROUTE' | 'CLOUD_SQL_INSTANCE_NOT_CONFIGURED_FOR_EXTERNAL_TRAFFIC' | 'PUBLIC_CLOUD_SQL_INSTANCE_TO_PRIVATE_DESTINATION' | 'CLOUD_SQL_INSTANCE_NO_ROUTE' | 'CLOUD_SQL_CONNECTOR_REQUIRED' | 'CLOUD_FUNCTION_NOT_ACTIVE' | 'VPC_CONNECTOR_NOT_SET' | 'VPC_CONNECTOR_NOT_RUNNING' | 'VPC_CONNECTOR_SERVERLESS_TRAFFIC_BLOCKED' | 'VPC_CONNECTOR_HEALTH_CHECK_TRAFFIC_BLOCKED' | 'FORWARDING_RULE_REGION_MISMATCH' | 'PSC_CONNECTION_NOT_ACCEPTED' | 'PSC_ENDPOINT_ACCESSED_FROM_PEERED_NETWORK' | 'PSC_NEG_PRODUCER_ENDPOINT_NO_GLOBAL_ACCESS' | 'PSC_NEG_PRODUCER_FORWARDING_RULE_MULTIPLE_PORTS' | 'CLOUD_SQL_PSC_NEG_UNSUPPORTED' | 'NO_NAT_SUBNETS_FOR_PSC_SERVICE_ATTACHMENT' | 'PSC_TRANSITIVITY_NOT_PROPAGATED' | 'HYBRID_NEG_NON_DYNAMIC_ROUTE_MATCHED' | 'HYBRID_NEG_NON_LOCAL_DYNAMIC_ROUTE_MATCHED' | 'CLOUD_RUN_REVISION_NOT_READY' | 'CLOUD_RUN_JOB_NOT_READY' | 'DROPPED_INSIDE_PSC_SERVICE_PRODUCER' | 'LOAD_BALANCER_HAS_NO_PROXY_SUBNET' | 'CLOUD_NAT_NO_ADDRESSES' | 'ROUTING_LOOP' | 'DROPPED_INSIDE_GOOGLE_MANAGED_SERVICE' | 'LOAD_BALANCER_BACKEND_INVALID_NETWORK' | 'BACKEND_SERVICE_NAMED_PORT_NOT_DEFINED' | 'DESTINATION_IS_PRIVATE_NAT_IP_RANGE' | 'DROPPED_INSIDE_REDIS_INSTANCE_SERVICE' | 'REDIS_INSTANCE_UNSUPPORTED_PORT' | 'REDIS_INSTANCE_CONNECTING_FROM_PUPI_ADDRESS' | 'REDIS_INSTANCE_NO_ROUTE_TO_DESTINATION_NETWORK' | 'REDIS_INSTANCE_NO_EXTERNAL_IP' | 'REDIS_INSTANCE_UNSUPPORTED_PROTOCOL' | 'DROPPED_INSIDE_REDIS_CLUSTER_SERVICE' | 'REDIS_CLUSTER_UNSUPPORTED_PORT' | 'REDIS_CLUSTER_NO_EXTERNAL_IP' | 'REDIS_CLUSTER_UNSUPPORTED_PROTOCOL' | 'NO_ADVERTISED_ROUTE_TO_GCP_DESTINATION' | 'NO_TRAFFIC_SELECTOR_TO_GCP_DESTINATION' | 'NO_KNOWN_ROUTE_FROM_PEERED_NETWORK_TO_DESTINATION' | 'PRIVATE_NAT_TO_PSC_ENDPOINT_UNSUPPORTED' | 'PSC_PORT_MAPPING_PORT_MISMATCH' | 'PSC_PORT_MAPPING_WITHOUT_PSC_CONNECTION_UNSUPPORTED' | 'UNSUPPORTED_ROUTE_MATCHED_FOR_NAT64_DESTINATION' | 'TRAFFIC_FROM_HYBRID_ENDPOINT_TO_INTERNET_DISALLOWED' | 'NO_MATCHING_NAT64_GATEWAY' | 'NO_CONFIGURED_PRIVATE_NAT64_RULE' | 'LOAD_BALANCER_BACKEND_IP_VERSION_MISMATCH' | 'NO_KNOWN_ROUTE_FROM_NCC_NETWORK_TO_DESTINATION' | 'CLOUD_NAT_PROTOCOL_UNSUPPORTED' | 'L2_INTERCONNECT_UNSUPPORTED_PROTOCOL' | 'L2_INTERCONNECT_UNSUPPORTED_PORT' | 'L2_INTERCONNECT_DESTINATION_IP_MISMATCH' | 'NCC_ROUTE_WITHIN_HYBRID_SUBNET_UNSUPPORTED' | 'HYBRID_SUBNET_REGION_MISMATCH' | 'HYBRID_SUBNET_NO_ROUTE' | 'GKE_NETWORK_POLICY' | 'NO_VALID_ROUTE_FROM_GOOGLE_MANAGED_NETWORK_TO_DESTINATION' | 'PRIVATE_CONNECTION_NO_RUNNING_INSTANCE'; /** Geolocation (region code) of the destination IP address (if relevant). */ destinationGeolocationCode?: string; /** Destination IP address of the dropped packet (if relevant). */ destinationIp?: string; /** Region of the dropped packet (if relevant). */ region?: string; /** URI of the resource that caused the drop. Format: * `projects/{project_id}/global/firewalls/{firewall_id}` (firewall rule) * `projects/{project_id}/global/routes/{route_id}` (route) */ resourceUri?: string; /** Geolocation (region code) of the source IP address (if relevant). */ sourceGeolocationCode?: string; /** Source IP address of the dropped packet (if relevant). */ sourceIp?: string; } interface EdgeLocation { /** Name of the metropolitan area. */ metropolitanArea?: string; } interface EffectiveVpcFlowLogsConfig { /** The aggregation interval for the logs. Default value is INTERVAL_5_SEC. */ aggregationInterval?: | 'AGGREGATION_INTERVAL_UNSPECIFIED' | 'INTERVAL_5_SEC' | 'INTERVAL_30_SEC' | 'INTERVAL_1_MIN' | 'INTERVAL_5_MIN' | 'INTERVAL_10_MIN' | 'INTERVAL_15_MIN'; /** Determines whether to include cross project annotations in the logs. This field is available only for organization configurations. If not specified in org configs will be set to CROSS_PROJECT_METADATA_ENABLED. */ crossProjectMetadata?: | 'CROSS_PROJECT_METADATA_UNSPECIFIED' | 'CROSS_PROJECT_METADATA_ENABLED' | 'CROSS_PROJECT_METADATA_DISABLED'; /** Export filter used to define which VPC Flow Logs should be logged. */ filterExpr?: string; /** The value of the field must be in (0, 1]. The sampling rate of VPC Flow Logs where 1.0 means all collected logs are reported. Setting the sampling rate to 0.0 is not allowed. If you want to disable VPC Flow Logs, use the state field instead. Default value is 1.0. */ flowSampling?: number; /** Traffic will be logged from the Interconnect Attachment. Format: projects/{project_id}/regions/{region}/interconnectAttachments/{name} */ interconnectAttachment?: string; /** Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default value is INCLUDE_ALL_METADATA. */ metadata?: | 'METADATA_UNSPECIFIED' | 'INCLUDE_ALL_METADATA' | 'EXCLUDE_ALL_METADATA' | 'CUSTOM_METADATA'; /** Custom metadata fields to include in the reported VPC flow logs. Can only be specified if "metadata" was set to CUSTOM_METADATA. */ metadataFields?: string[]; /** Unique name of the configuration. The name can have one of the following forms: - For project-level configurations: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For organization-level configurations: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For a Compute config, the name will be the path of the subnet: `projects/{project_id}/regions/{region}/subnetworks/{subnet_id}` */ name?: string; /** Traffic will be logged from VMs, VPN tunnels and Interconnect Attachments within the network. Format: projects/{project_id}/global/networks/{name} */ network?: string; /** Specifies the scope of the config (e.g., SUBNET, NETWORK, ORGANIZATION..). */ scope?: | 'SCOPE_UNSPECIFIED' | 'SUBNET' | 'COMPUTE_API_SUBNET' | 'NETWORK' | 'VPN_TUNNEL' | 'INTERCONNECT_ATTACHMENT' | 'ORGANIZATION'; /** The state of the VPC Flow Log configuration. Default value is ENABLED. When creating a new configuration, it must be enabled. Setting state=DISABLED will pause the log generation for this config. */ state?: 'STATE_UNSPECIFIED' | 'ENABLED' | 'DISABLED'; /** Traffic will be logged from VMs within the subnetwork. Format: projects/{project_id}/regions/{region}/subnetworks/{name} */ subnet?: string; /** Traffic will be logged from the VPN Tunnel. Format: projects/{project_id}/regions/{region}/vpnTunnels/{name} */ vpnTunnel?: string; } interface Empty {} interface Endpoint { /** An [App Engine](https://cloud.google.com/appengine) [service version](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions). Applicable only to source endpoint. */ appEngineVersion?: AppEngineVersionEndpoint; /** A [Cloud Function](https://cloud.google.com/functions). Applicable only to source endpoint. */ cloudFunction?: CloudFunctionEndpoint; /** A [Cloud Run](https://cloud.google.com/run) [job](https://docs.cloud.google.com/run/docs/reference/rest/v2/projects.locations.jobs#Job) URI. Applicable only to source endpoint. The format is: projects/{project}/locations/{location}/jobs/{job} */ cloudRunJob?: string; /** A [Cloud Run](https://cloud.google.com/run) [revision](https://cloud.google.com/run/docs/reference/rest/v1/namespaces.revisions/get) Applicable only to source endpoint. */ cloudRunRevision?: CloudRunRevisionEndpoint; /** A [Cloud SQL](https://cloud.google.com/sql) instance URI. */ cloudSqlInstance?: string; /** A [Datastream Private Connection](https://docs.cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.privateConnections) name format: projects/{project}/locations/{location}/privateConnections/{privateConnection}. */ datastreamPrivateConnection?: string; /** A [DMS Private Connection](https://docs.cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.privateConnections) name format: projects/{project}/locations/{location}/privateConnections/{privateConnection}. */ dmsPrivateConnection?: string; /** A forwarding rule and its corresponding IP address represent the frontend configuration of a Google Cloud load balancer. Forwarding rules are also used for protocol forwarding, Private Service Connect and other network services to provide forwarding information in the control plane. Applicable only to destination endpoint. Format: `projects/{project}/global/forwardingRules/{id}` or `projects/{project}/regions/{region}/forwardingRules/{id}` */ forwardingRule?: string; /** Output only. Specifies the type of the target of the forwarding rule. */ forwardingRuleTarget?: | 'FORWARDING_RULE_TARGET_UNSPECIFIED' | 'INSTANCE' | 'LOAD_BALANCER' | 'VPN_GATEWAY' | 'PSC'; /** DNS endpoint of [Google Kubernetes Engine cluster control plane](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture). Requires gke_master_cluster to be set, can't be used simultaneoulsly with ip_address or network. Applicable only to destination endpoint. */ fqdn?: string; /** A cluster URI for [Google Kubernetes Engine cluster control plane](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture). */ gkeMasterCluster?: string; /** A [GKE Pod](https://cloud.google.com/kubernetes-engine/docs/concepts/pod) URI. */ gkePod?: string; /** A Compute Engine instance URI. */ instance?: string; /** The IP address of the endpoint, which can be an external or internal IP. */ ipAddress?: string; /** Output only. ID of the load balancer the forwarding rule points to. Empty for forwarding rules not related to load balancers. */ loadBalancerId?: string; /** Output only. Type of the load balancer the forwarding rule points to. */ loadBalancerType?: | 'LOAD_BALANCER_TYPE_UNSPECIFIED' | 'HTTPS_ADVANCED_LOAD_BALANCER' | 'HTTPS_LOAD_BALANCER' | 'REGIONAL_HTTPS_LOAD_BALANCER' | 'INTERNAL_HTTPS_LOAD_BALANCER' | 'SSL_PROXY_LOAD_BALANCER' | 'TCP_PROXY_LOAD_BALANCER' | 'INTERNAL_TCP_PROXY_LOAD_BALANCER' | 'NETWORK_LOAD_BALANCER' | 'LEGACY_NETWORK_LOAD_BALANCER' | 'TCP_UDP_INTERNAL_LOAD_BALANCER'; /** A VPC network URI. For source endpoints, used according to the `network_type`. For destination endpoints, used only when the source is an external IP address endpoint, and the destination is an internal IP address endpoint. */ network?: string; /** For source endpoints, type of the network where the endpoint is located. Not relevant for destination endpoints. */ networkType?: | 'NETWORK_TYPE_UNSPECIFIED' | 'GCP_NETWORK' | 'NON_GCP_NETWORK' | 'INTERNET'; /** The IP protocol port of the endpoint. Only applicable when protocol is TCP or UDP. */ port?: number; /** For source endpoints, endpoint project ID. Used according to the `network_type`. Not relevant for destination endpoints. */ projectId?: string; /** A [Redis Cluster](https://cloud.google.com/memorystore/docs/cluster) URI. Applicable only to destination endpoint. */ redisCluster?: string; /** A [Redis Instance](https://cloud.google.com/memorystore/docs/redis) URI. Applicable only to destination endpoint. */ redisInstance?: string; } interface EndpointInfo { /** Destination IP address. */ destinationIp?: string; /** URI of the network where this packet is sent to. Format: `projects/{project_id}/global/networks/{network_id}` */ destinationNetworkUri?: string; /** Destination port. Only valid when protocol is TCP or UDP. */ destinationPort?: number; /** IP protocol in string format, for example: "TCP", "UDP", "ICMP". */ protocol?: string; /** URI of the source telemetry agent this packet originates from. */ sourceAgentUri?: string; /** Source IP address. */ sourceIp?: string; /** URI of the network where this packet originates from. Format: `projects/{project_id}/global/networks/{network_id}` */ sourceNetworkUri?: string; /** Source port. Only valid when protocol is TCP or UDP. */ sourcePort?: number; } interface Expr { /** Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. */ description?: string; /** Textual representation of an expression in Common Expression Language syntax. */ expression?: string; /** Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. */ location?: string; /** Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. */ title?: string; } interface FirewallInfo { /** Possible values: ALLOW, DENY, APPLY_SECURITY_PROFILE_GROUP */ action?: string; /** Possible values: INGRESS, EGRESS */ direction?: string; /** The display name of the firewall rule. This field might be empty for firewall policy rules. */ displayName?: string; /** The firewall rule's type. */ firewallRuleType?: | 'FIREWALL_RULE_TYPE_UNSPECIFIED' | 'HIERARCHICAL_FIREWALL_POLICY_RULE' | 'VPC_FIREWALL_RULE' | 'IMPLIED_VPC_FIREWALL_RULE' | 'SERVERLESS_VPC_ACCESS_MANAGED_FIREWALL_RULE' | 'NETWORK_FIREWALL_POLICY_RULE' | 'NETWORK_REGIONAL_FIREWALL_POLICY_RULE' | 'SYSTEM_NETWORK_FIREWALL_POLICY_RULE' | 'SYSTEM_REGIONAL_NETWORK_FIREWALL_POLICY_RULE' | 'UNSUPPORTED_FIREWALL_POLICY_RULE' | 'TRACKING_STATE' | 'ANALYSIS_SKIPPED'; /** The URI of the VPC network that the firewall rule is associated with in format "projects/{project}/global/networks/{network}". This field is not applicable to hierarchical firewall policy rules. */ networkUri?: string; /** The name of the firewall policy that this rule is associated with. This field is not applicable to VPC firewall rules and implied VPC firewall rules. */ policy?: string; /** The priority of the firewall policy that this rule is associated with. This field is not applicable to VPC firewall rules and implied VPC firewall rules. */ policyPriority?: number; /** The URI of the firewall policy that this rule is associated with. This field is not applicable to VPC firewall rules and implied VPC firewall rules. Format: * `locations/global/firewallPolicies/{policy_id}` (hierarchical policy) * `projects/{project_id}/global/firewallPolicies/{policy_id}` (global network firewall policy) * `projects/{project_id}/regions/{region}/firewallPolicies/{policy_id}` (regional network firewall policy) */ policyUri?: string; /** The priority of the firewall rule. */ priority?: number; /** The target service accounts specified by the firewall rule. */ targetServiceAccounts?: string[]; /** The target tags defined by the VPC firewall rule. This field is not applicable to firewall policy rules. */ targetTags?: string[]; /** Target type of the firewall rule. */ targetType?: 'TARGET_TYPE_UNSPECIFIED' | 'INSTANCES' | 'INTERNAL_MANAGED_LB'; /** The URI of the firewall rule in format "projects/{project}/global/firewalls/{firewall}". This field is not applicable to implied VPC firewall rules. */ uri?: string; } interface ForwardInfo { /** IP address of the target (if applicable). */ ipAddress?: string; /** URI of the resource that the packet is forwarded to. Format: * `projects/{project_id}/global/networks/{network_id}` (VPC peering network) * `projects/{project_id}/regions/{region}/vpnGateways/{vpn_gateway_id}` (VPN gateway) */ resourceUri?: string; /** Target type where this packet is forwarded to. */ target?: | 'TARGET_UNSPECIFIED' | 'PEERING_VPC' | 'VPN_GATEWAY' | 'INTERCONNECT' | 'GKE_MASTER' | 'IMPORTED_CUSTOM_ROUTE_NEXT_HOP' | 'CLOUD_SQL_INSTANCE' | 'ANOTHER_PROJECT' | 'NCC_HUB' | 'ROUTER_APPLIANCE' | 'SECURE_WEB_PROXY_GATEWAY'; } interface ForwardingRuleInfo { /** Name of the forwarding rule. */ displayName?: string; /** Name of the load balancer the forwarding rule belongs to. Empty for forwarding rules not related to load balancers (like PSC forwarding rules). */ loadBalancerName?: string; /** Port range defined in the forwarding rule that matches the packet. */ matchedPortRange?: string; /** Protocol defined in the forwarding rule that matches the packet. */ matchedProtocol?: string; /** URI of a VPC network where the forwarding rule is located in format "projects/{project}/global/networks/{network}". */ networkUri?: string; /** PSC Google API target this forwarding rule targets (if applicable). */ pscGoogleApiTarget?: string; /** URI of the PSC service attachment this forwarding rule targets (if applicable) in format "projects/{project}/regions/{region}/serviceAttachments/{service_attachment}". */ pscServiceAttachmentUri?: string; /** Region of the forwarding rule. Set only for regional forwarding rules. */ region?: string; /** Target type of the forwarding rule. */ target?: string; /** URI of the forwarding rule in format "projects/{project}/global/forwardingRules/{forwarding_rule}" (global) or "projects/{project}/regions/{region}/forwardingRules/{forwarding_rule}" (regional). */ uri?: string; /** VIP of the forwarding rule. */ vip?: string; } interface GKEMasterInfo { /** URI of the GKE cluster network. Format: `projects/{project_id}/global/networks/{network_id}` */ clusterNetworkUri?: string; /** URI of the GKE cluster. Format: * `projects/{project_id}/locations/{location}/clusters/{cluster_id}` (regional cluster) * `projects/{project_id}/zones/{zone}/clusters/{cluster_id}` (zonal cluster) */ clusterUri?: string; /** DNS endpoint of a GKE cluster control plane. */ dnsEndpoint?: string; /** External IP address of a GKE cluster control plane. */ externalIp?: string; /** Internal IP address of a GKE cluster control plane. */ internalIp?: string; } interface GkeNetworkPolicyInfo { /** Possible values: ALLOW, DENY */ action?: string; /** Possible values: INGRESS, EGRESS */ direction?: string; /** The name of the Network Policy. */ displayName?: string; /** The URI of the Network Policy. Format for a Network Policy in a zonal cluster: `projects//zones//clusters//k8s/namespaces//networking.k8s.io/networkpolicies/` Format for a Network Policy in a regional cluster: `projects//locations//clusters//k8s/namespaces//networking.k8s.io/networkpolicies/` */ uri?: string; } interface GkeNetworkPolicySkippedInfo { /** Reason why Network Policy evaluation was skipped. */ reason?: | 'REASON_UNSPECIFIED' | 'NETWORK_POLICY_DISABLED' | 'INGRESS_SOURCE_ON_SAME_NODE' | 'EGRESS_FROM_NODE_NETWORK_NAMESPACE_POD' | 'NETWORK_POLICY_NOT_APPLIED_TO_RESPONSE_TRAFFIC' | 'NETWORK_POLICY_ANALYSIS_UNSUPPORTED'; } interface GkePodInfo { /** IP address of a GKE Pod. If the Pod is dual-stack, this is the IP address relevant to the trace. */ ipAddress?: string; /** URI of the network containing the GKE Pod. Format: `projects/{project_id}/global/networks/{network_id}` */ networkUri?: string; /** URI of a GKE Pod. For Pods in regional Clusters, the URI format is: `projects/{project}/locations/{location}/clusters/{cluster}/k8s/namespaces/{namespace}/pods/{pod}` For Pods in zonal Clusters, the URI format is: `projects/{project}/zones/{zone}/clusters/{cluster}/k8s/namespaces/{namespace}/pods/{pod}` */ podUri?: string; } interface GoogleServiceInfo { /** Recognized type of a Google Service. */ googleServiceType?: | 'GOOGLE_SERVICE_TYPE_UNSPECIFIED' | 'IAP' | 'GFE_PROXY_OR_HEALTH_CHECK_PROBER' | 'CLOUD_DNS' | 'GOOGLE_API' | 'GOOGLE_API_PSC' | 'GOOGLE_API_VPC_SC' | 'SERVERLESS_VPC_ACCESS'; /** Source IP address. */ sourceIp?: string; } interface HybridSubnetInfo { /** Name of a hybrid subnet. */ displayName?: string; /** Name of a Google Cloud region where the hybrid subnet is configured. */ region?: string; /** URI of the hybrid subnet. Format: `projects/{project_id}/regions/{region}/subnetworks/{subnetwork_id}` */ uri?: string; } interface InstanceInfo { /** Name of a Compute Engine instance. */ displayName?: string; /** External IP address of the network interface. */ externalIp?: string; /** Name of the network interface of a Compute Engine instance. */ interface?: string; /** Internal IP address of the network interface. */ internalIp?: string; /** Network tags configured on the instance. */ networkTags?: string[]; /** URI of a Compute Engine network in format "projects/{project}/global/networks/{network}" */ networkUri?: string; /** URI of the PSC network attachment the NIC is attached to (if relevant) in format "projects/{project}/regions/{region}/networkAttachments/{network_attachment}" */ pscNetworkAttachmentUri?: string; /** Indicates whether the Compute Engine instance is running. Deprecated: use the `status` field instead. */ running?: boolean; /** Service account authorized for the instance. */ serviceAccount?: string; /** The status of the instance. */ status?: 'STATUS_UNSPECIFIED' | 'RUNNING' | 'NOT_RUNNING'; /** URI of a Compute Engine instance in format "projects/{project}/zones/{zone}/instances/{instance}" */ uri?: string; } interface InterconnectAttachmentInfo { /** URI of the Cloud Router to be used for dynamic routing. Format: `projects/{project_id}/regions/{region}/routers/{router_id}` */ cloudRouterUri?: string; /** Name of an Interconnect attachment. */ displayName?: string; /** URI of the Interconnect. Format: `projects/{project_id}/global/interconnects/{interconnect_id}` */ interconnectUri?: string; /** Appliance IP address that was matched for L2_DEDICATED attachments. */ l2AttachmentMatchedIpAddress?: string; /** Name of a Google Cloud region where the Interconnect attachment is configured. */ region?: string; /** The type of interconnect attachment this is. */ type?: | 'TYPE_UNSPECIFIED' | 'DEDICATED' | 'PARTNER' | 'PARTNER_PROVIDER' | 'L2_DEDICATED'; /** URI of the Interconnect attachment. Format: `projects/{project_id}/regions/{region}/interconnectAttachments/{attachment_id}` */ uri?: string; } interface IpMasqueradingSkippedInfo { /** The matched non-masquerade IP range. Only set if reason is DESTINATION_IP_IN_CONFIGURED_NON_MASQUERADE_RANGE or DESTINATION_IP_IN_DEFAULT_NON_MASQUERADE_RANGE. */ nonMasqueradeRange?: string; /** Reason why IP masquerading was not applied. */ reason?: | 'REASON_UNSPECIFIED' | 'DESTINATION_IP_IN_CONFIGURED_NON_MASQUERADE_RANGE' | 'DESTINATION_IP_IN_DEFAULT_NON_MASQUERADE_RANGE' | 'DESTINATION_ON_SAME_NODE' | 'DEFAULT_SNAT_DISABLED' | 'NO_MASQUERADING_FOR_IPV6' | 'POD_USES_NODE_NETWORK_NAMESPACE' | 'NO_MASQUERADING_FOR_RETURN_PACKET'; } interface LatencyDistribution { /** Representative latency percentiles. */ latencyPercentiles?: LatencyPercentile[]; } interface LatencyPercentile { /** percent-th percentile of latency observed, in microseconds. Fraction of percent/100 of samples have latency lower or equal to the value of this field. */ latencyMicros?: string; /** Percentage of samples this data point applies to. */ percent?: number; } interface ListConnectivityTestsResponse { /** Page token to fetch the next set of Connectivity Tests. */ nextPageToken?: string; /** List of Connectivity Tests. */ resources?: ConnectivityTest[]; /** Locations that could not be reached (when querying all locations with `-`). */ unreachable?: string[]; } interface ListLocationsResponse { /** A list of locations that matches the specified filter in the request. */ locations?: Location[]; /** The standard List next-page token. */ nextPageToken?: string; } interface ListOperationsResponse { /** The standard List next-page token. */ nextPageToken?: string; /** A list of operations that matches the specified filter in the request. */ operations?: Operation[]; /** Unordered list. Unreachable resources. Populated when the request sets `ListOperationsRequest.return_partial_success` and reads across collections. For example, when attempting to list all resources across all supported locations. */ unreachable?: string[]; } interface ListVpcFlowLogsConfigsResponse { /** Page token to fetch the next set of configurations. */ nextPageToken?: string; /** Locations that could not be reached (when querying all locations with `-`). */ unreachable?: string[]; /** List of VPC Flow Log configurations. */ vpcFlowLogsConfigs?: VpcFlowLogsConfig[]; } interface LoadBalancerBackend { /** Name of a Compute Engine instance or network endpoint. */ displayName?: string; /** A list of firewall rule URIs allowing probes from health check IP ranges. */ healthCheckAllowingFirewallRules?: string[]; /** A list of firewall rule URIs blocking probes from health check IP ranges. */ healthCheckBlockingFirewallRules?: string[]; /** State of the health check firewall configuration. */ healthCheckFirewallState?: | 'HEALTH_CHECK_FIREWALL_STATE_UNSPECIFIED' | 'CONFIGURED' | 'MISCONFIGURED'; /** URI of the backend instance or network endpoint. Format: * `projects/{project_id}/zones/{zone}/instances/{instance_id}` (instance) * `projects/{project_id}/zones/{zone}/networkEndpointGroups/{neg_id}` (zonal NEG) * `projects/{project_id}/regions/{region}/networkEndpointGroups/{neg_id}` (regional NEG) * `projects/{project_id}/global/networkEndpointGroups/{neg_id}` (global NEG) */ uri?: string; } interface LoadBalancerBackendInfo { /** URI of the backend bucket this backend targets (if applicable) in format "projects/{project}/global/backendBuckets/{backend_bucket}". */ backendBucketUri?: string; /** URI of the backend service this backend belongs to (if applicable) in format "projects/{project}/regions/{region}/backendServices/{backend_service}" (regional) or "projects/{project}/global/backendServices/{backend_service}" (global). */ backendServiceUri?: string; /** Output only. Health check firewalls configuration state for the backend. This is a result of the static firewall analysis (verifying that health check traffic from required IP ranges to the backend is allowed or not). The backend might still be unhealthy even if these firewalls are configured. Please refer to the documentation for more information: https://cloud.google.com/load-balancing/docs/firewall-rules */ healthCheckFirewallsConfigState?: | 'HEALTH_CHECK_FIREWALLS_CONFIG_STATE_UNSPECIFIED' | 'FIREWALLS_CONFIGURED' | 'FIREWALLS_PARTIALLY_CONFIGURED' | 'FIREWALLS_NOT_CONFIGURED' | 'FIREWALLS_UNSUPPORTED'; /** URI of the health check attached to this backend (if applicable). Format: * `projects/{project_id}/global/healthChecks/{health_check_id}` * `projects/{project_id}/regions/{region}/healthChecks/{health_check_id}` * `projects/{project_id}/global/httpHealthChecks/{health_check_id}` (legacy) */ healthCheckUri?: string; /** URI of the instance group this backend belongs to (if applicable) in format "projects/{project}/zones/{zone}/instanceGroups/{instance_group}". */ instanceGroupUri?: string; /** URI of the backend instance (if applicable) in format "projects/{project}/zones/{zone}/instances/{instance}". Populated for instance group backends, and zonal NEG backends. */ instanceUri?: string; /** Display name of the backend. For example, it might be an instance name for the instance group backends, or an IP address and port for zonal network endpoint group backends. */ name?: string; /** URI of the network endpoint group this backend belongs to (if applicable) Format: * `projects/{project_id}/zones/{zone}/networkEndpointGroups/{neg_id}` (zonal NEG) * `projects/{project_id}/regions/{region}/networkEndpointGroups/{neg_id}` (regional NEG) * `projects/{project_id}/global/networkEndpointGroups/{neg_id}` (global NEG) */ networkEndpointGroupUri?: string; /** PSC Google API target this PSC NEG backend targets (if applicable). */ pscGoogleApiTarget?: string; /** URI of the PSC service attachment this PSC NEG backend targets (if applicable) in format "projects/{project}/regions/{region}/serviceAttachments/{service_attachment}". */ pscServiceAttachmentUri?: string; } interface LoadBalancerInfo { /** Information for the loadbalancer backends. */ backends?: LoadBalancerBackend[]; /** Type of load balancer's backend configuration. */ backendType?: | 'BACKEND_TYPE_UNSPECIFIED' | 'BACKEND_SERVICE' | 'TARGET_POOL' | 'TARGET_INSTANCE'; /** URI of the backend associated with the load balancer. Format: * `projects/{project_id}/regions/{region}/backendServices/{backend_service_id}` * `projects/{project_id}/global/backendServices/{backend_service_id}` * `projects/{project_id}/regions/{region}/targetPools/{target_pool_id}` * `projects/{project_id}/zones/{zone}/targetInstances/{target_instance_id}` */ backendUri?: string; /** URI of the health check for the load balancer. Deprecated and no longer populated as different load balancer backends might have different health checks. */ healthCheckUri?: string; /** Type of the load balancer. */ loadBalancerType?: | 'LOAD_BALANCER_TYPE_UNSPECIFIED' | 'INTERNAL_TCP_UDP' | 'NETWORK_TCP_UDP' | 'HTTP_PROXY' | 'TCP_PROXY' | 'SSL_PROXY'; } interface Location { /** The friendly name for this location, typically a nearby city name. For example, "Tokyo". */ displayName?: string; /** Cross-service attributes for the location. For example {"cloud.googleapis.com/region": "us-east1"} */ labels?: {[P in string]: string}; /** The canonical id for this location. For example: `"us-east1"`. */ locationId?: string; /** Service-specific metadata. For example the available capacity at the given location. */ metadata?: {[P in string]: any}; /** Resource name for the location, which may vary between implementations. For example: `"projects/example-project/locations/us-east1"` */ name?: string; } interface NatInfo { /** Type of Cloud NAT gateway. Only valid when `type` is CLOUD_NAT. */ cloudNatGatewayType?: | 'CLOUD_NAT_GATEWAY_TYPE_UNSPECIFIED' | 'PUBLIC_NAT44' | 'PUBLIC_NAT64' | 'PRIVATE_NAT_NCC' | 'PRIVATE_NAT_HYBRID' | 'PRIVATE_NAT64'; /** The name of Cloud NAT Gateway. Only valid when type is CLOUD_NAT. */ natGatewayName?: string; /** URI of the VPC network where NAT translation takes place. Format: `projects/{project_id}/global/networks/{network_id}` */ networkUri?: string; /** Destination IP address after NAT translation. */ newDestinationIp?: string; /** Destination port after NAT translation. Only valid when protocol is TCP or UDP. */ newDestinationPort?: number; /** Source IP address after NAT translation. */ newSourceIp?: string; /** Source port after NAT translation. Only valid when protocol is TCP or UDP. */ newSourcePort?: number; /** Destination IP address before NAT translation. */ oldDestinationIp?: string; /** Destination port before NAT translation. Only valid when protocol is TCP or UDP. */ oldDestinationPort?: number; /** Source IP address before NAT translation. */ oldSourceIp?: string; /** Source port before NAT translation. Only valid when protocol is TCP or UDP. */ oldSourcePort?: number; /** IP protocol in string format, for example: "TCP", "UDP", "ICMP". */ protocol?: string; /** URI of the Cloud Router. Only valid when type is CLOUD_NAT. Format: `projects/{project_id}/regions/{region}/routers/{router_id}` */ routerUri?: string; /** Type of NAT. */ type?: | 'TYPE_UNSPECIFIED' | 'INTERNAL_TO_EXTERNAL' | 'EXTERNAL_TO_INTERNAL' | 'CLOUD_NAT' | 'PRIVATE_SERVICE_CONNECT' | 'GKE_POD_IP_MASQUERADING'; } interface NetworkInfo { /** Name of a Compute Engine network. */ displayName?: string; /** The IP range of the subnet matching the source IP address of the test. */ matchedIpRange?: string; /** URI of the subnet matching the source IP address of the test in format "projects/{project}/regions/{region}/subnetworks/{subnetwork}" */ matchedSubnetUri?: string; /** The region of the subnet matching the source IP address of the test. */ region?: string; /** URI of a Compute Engine network in format "projects/{project}/global/networks/{network}" */ uri?: string; } interface NgfwPacketInspectionInfo { /** URI of the security profile group associated with this firewall packet inspection. Format: `organizations/{organization_id}/locations/global/securityProfileGroups/{security_profile_group_id}` */ securityProfileGroupUri?: string; } interface Operation { /** If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. */ done?: boolean; /** The error result of the operation in case of failure or cancellation. */ error?: Status; /** Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any. */ metadata?: {[P in string]: any}; /** The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`. */ name?: string; /** The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. */ response?: {[P in string]: any}; } interface OperationMetadata { /** API version. */ apiVersion?: string; /** Specifies if cancellation was requested for the operation. */ cancelRequested?: boolean; /** The time the operation was created. */ createTime?: string; /** The time the operation finished running. */ endTime?: string; /** Human-readable status of the operation, if any. */ statusDetail?: string; /** Target of the operation - for example projects/project-1/locations/global/connectivityTests/test-1 */ target?: string; /** Name of the verb executed by the operation. */ verb?: string; } interface Policy { /** Specifies cloud audit logging configuration for this policy. */ auditConfigs?: AuditConfig[]; /** Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`. */ bindings?: Binding[]; /** `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. */ etag?: string; /** Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ version?: number; } interface PrivateConnectionInfo { /** URI of the Private Connection in format "projects/{project_id}/locations/{location}/privateConnections/{private_connection_id}" */ uri?: string; } interface ProbingDetails { /** The reason probing was aborted. */ abortCause?: | 'PROBING_ABORT_CAUSE_UNSPECIFIED' | 'PERMISSION_DENIED' | 'NO_SOURCE_LOCATION'; /** The EdgeLocation from which a packet, destined to the internet, will egress the Google network. This will only be populated for a connectivity test which has an internet destination address. The absence of this field *must not* be used as an indication that the destination is part of the Google network. */ destinationEgressLocation?: EdgeLocation; /** Probing results for all edge devices. */ edgeResponses?: SingleEdgeResponse[]; /** The source and destination endpoints derived from the test input and used for active probing. */ endpointInfo?: EndpointInfo; /** Details about an internal failure or the cancellation of active probing. */ error?: Status; /** Whether all relevant edge devices were probed. */ probedAllDevices?: boolean; /** Latency as measured by active probing in one direction: from the source to the destination endpoint. */ probingLatency?: LatencyDistribution; /** The overall result of active probing. */ result?: | 'PROBING_RESULT_UNSPECIFIED' | 'REACHABLE' | 'UNREACHABLE' | 'REACHABILITY_INCONSISTENT' | 'UNDETERMINED'; /** Number of probes sent. */ sentProbeCount?: number; /** Number of probes that reached the destination. */ successfulProbeCount?: number; /** The time that reachability was assessed through active probing. */ verifyTime?: string; } interface ProxyConnectionInfo { /** URI of the VPC network where connection is proxied. Format: `projects/{project_id}/global/networks/{network_id}` */ networkUri?: string; /** Destination IP address of a new connection. */ newDestinationIp?: string; /** Destination port of a new connection. Only valid when protocol is TCP or UDP. */ newDestinationPort?: number; /** Source IP address of a new connection. */ newSourceIp?: string; /** Source port of a new connection. Only valid when protocol is TCP or UDP. */ newSourcePort?: number; /** Destination IP address of an original connection */ oldDestinationIp?: string; /** Destination port of an original connection. Only valid when protocol is TCP or UDP. */ oldDestinationPort?: number; /** Source IP address of an original connection. */ oldSourceIp?: string; /** Source port of an original connection. Only valid when protocol is TCP or UDP. */ oldSourcePort?: number; /** IP protocol in string format, for example: "TCP", "UDP", "ICMP". */ protocol?: string; /** URI of the proxy subnet. Format: `projects/{project_id}/regions/{region}/subnetworks/{subnetwork_id}` */ subnetUri?: string; } interface QueryOrgVpcFlowLogsConfigsResponse { /** Page token to fetch the next set of configurations. */ nextPageToken?: string; /** Locations that could not be reached (when querying all locations with `-`). */ unreachable?: string[]; /** List of VPC Flow Log configurations. */ vpcFlowLogsConfigs?: VpcFlowLogsConfig[]; } interface ReachabilityDetails { /** The details of a failure or a cancellation of reachability analysis. */ error?: Status; /** The overall result of the test's configuration analysis. */ result?: | 'RESULT_UNSPECIFIED' | 'REACHABLE' | 'UNREACHABLE' | 'AMBIGUOUS' | 'UNDETERMINED'; /** Result may contain a list of traces if a test has multiple possible paths in the network, such as when destination endpoint is a load balancer with multiple backends. */ traces?: Trace[]; /** The time of the configuration analysis. */ verifyTime?: string; } interface RedisClusterInfo { /** Discovery endpoint IP address of a Redis Cluster. */ discoveryEndpointIpAddress?: string; /** Name of a Redis Cluster. */ displayName?: string; /** Name of the region in which the Redis Cluster is defined. For example, "us-central1". */ location?: string; /** URI of the network containing the Redis Cluster endpoints in format "projects/{project_id}/global/networks/{network_id}". */ networkUri?: string; /** Secondary endpoint IP address of a Redis Cluster. */ secondaryEndpointIpAddress?: string; /** URI of a Redis Cluster in format "projects/{project_id}/locations/{location}/clusters/{cluster_id}" */ uri?: string; } interface RedisInstanceInfo { /** Name of a Cloud Redis Instance. */ displayName?: string; /** URI of a Cloud Redis Instance network in format "projects/{project}/global/networks/{network}". */ networkUri?: string; /** Primary endpoint IP address of a Cloud Redis Instance. */ primaryEndpointIp?: string; /** Read endpoint IP address of a Cloud Redis Instance (if applicable). */ readEndpointIp?: string; /** Region in which the Cloud Redis Instance is defined. */ region?: string; /** URI of a Cloud Redis Instance in format "projects/{project}/locations/{location}/instances/{instance}" */ uri?: string; } interface RerunConnectivityTestRequest {} interface RouteInfo { /** For ADVERTISED routes, the URI of their next hop, i.e. the URI of the hybrid endpoint (VPN tunnel, Interconnect attachment, NCC router appliance) the advertised prefix is advertised through, or URI of the source peered network. Deprecated in favor of the next_hop_uri field, not used in new tests. */ advertisedRouteNextHopUri?: string; /** For ADVERTISED dynamic routes, the URI of the Cloud Router that advertised the corresponding IP prefix in format "projects/{project}/regions/{region}/routers/{router}". */ advertisedRouteSourceRouterUri?: string; /** Destination IP range of the route. */ destIpRange?: string; /** Destination port ranges of the route. POLICY_BASED routes only. */ destPortRanges?: string[]; /** Name of a route. */ displayName?: string; /** Instance tags of the route. */ instanceTags?: string[]; /** For PEERING_SUBNET and PEERING_DYNAMIC routes that are advertised by NCC Hub, the URI of the corresponding route in NCC Hub's routing table. Format: `projects/{project_id}/locations/global/hubs/{hub_id}/routeTables/{route_table_id}/routes/{route_id}` */ nccHubRouteUri?: string; /** URI of the NCC Hub the route is advertised by in format "projects/{project}/locations/global/hubs/{hub}". PEERING_SUBNET and PEERING_DYNAMIC routes that are advertised by NCC Hub only. */ nccHubUri?: string; /** URI of the destination NCC Spoke in format "projects/{project}/locations/{location}/spokes/{spoke}" (regional) or "projects/{project}/locations/global/spokes/{spoke}" (global). PEERING_SUBNET and PEERING_DYNAMIC routes that are advertised by NCC Hub only. */ nccSpokeUri?: string; /** URI of a VPC network where route is located in format "projects/{project}/global/networks/{network}". */ networkUri?: string; /** String type of the next hop of the route (for example, "VPN tunnel"). Deprecated in favor of the next_hop_type and next_hop_uri fields, not used in new tests. */ nextHop?: string; /** URI of a VPC network where the next hop resource is located in format "projects/{project}/global/networks/{network}". */ nextHopNetworkUri?: string; /** Type of next hop. */ nextHopType?: | 'NEXT_HOP_TYPE_UNSPECIFIED' | 'NEXT_HOP_IP' | 'NEXT_HOP_INSTANCE' | 'NEXT_HOP_NETWORK' | 'NEXT_HOP_PEERING' | 'NEXT_HOP_INTERCONNECT' | 'NEXT_HOP_VPN_TUNNEL' | 'NEXT_HOP_VPN_GATEWAY' | 'NEXT_HOP_INTERNET_GATEWAY' | 'NEXT_HOP_BLACKHOLE' | 'NEXT_HOP_ILB' | 'NEXT_HOP_ROUTER_APPLIANCE' | 'NEXT_HOP_NCC_HUB' | 'SECURE_WEB_PROXY_GATEWAY'; /** URI of the next hop resource. */ nextHopUri?: string; /** For PEERING_SUBNET, PEERING_STATIC and PEERING_DYNAMIC routes, the name of the originating SUBNET/STATIC/DYNAMIC route. */ originatingRouteDisplayName?: string; /** For PEERING_SUBNET and PEERING_STATIC routes, the URI of the originating SUBNET/STATIC route. Format: `projects/{project_id}/global/routes/{route_id}` */ originatingRouteUri?: string; /** Priority of the route. */ priority?: number; /** Protocols of the route. POLICY_BASED routes only. */ protocols?: string[]; /** Region of the route. DYNAMIC, PEERING_DYNAMIC, POLICY_BASED and ADVERTISED routes only. If set for POLICY_BASED route, this is a region of VLAN attachments for Cloud Interconnect the route applies to. If set to "all" for POLICY_BASED route, the route applies to VLAN attachments of Cloud Interconnect in all regions. */ region?: string; /** Indicates where route is applicable. Deprecated, routes with NCC_HUB scope are not included in the trace in new tests. */ routeScope?: 'ROUTE_SCOPE_UNSPECIFIED' | 'NETWORK' | 'NCC_HUB'; /** Type of route. */ routeType?: | 'ROUTE_TYPE_UNSPECIFIED' | 'SUBNET' | 'STATIC' | 'DYNAMIC' | 'PEERING_SUBNET' | 'PEERING_STATIC' | 'PEERING_DYNAMIC' | 'POLICY_BASED' | 'ADVERTISED'; /** Source IP address range of the route. POLICY_BASED routes only. */ srcIpRange?: string; /** Source port ranges of the route. POLICY_BASED routes only. */ srcPortRanges?: string[]; /** URI of a route in format "projects/{project}/global/routes/{route}". SUBNET, STATIC, PEERING_SUBNET (only for peering network) and POLICY_BASED routes only. */ uri?: string; } interface ServerlessExternalConnectionInfo { /** Selected starting IP address, from the Google dynamic address pool. */ selectedIpAddress?: string; } interface ServerlessNegInfo { /** URI of the serverless network endpoint group in format "projects/{project}/regions/{region}/networkEndpointGroups/{network_endpoint_group}". */ negUri?: string; } interface SetIamPolicyRequest { /** REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them. */ policy?: Policy; /** OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"` */ updateMask?: string; } interface ShowEffectiveFlowLogsConfigsResponse { /** List of Effective Vpc Flow Logs configurations. */ effectiveFlowLogsConfigs?: EffectiveVpcFlowLogsConfig[]; /** Page token to fetch the next set of configurations. */ nextPageToken?: string; /** Locations that could not be reached (when querying all locations with `-`). */ unreachable?: string[]; } interface SingleEdgeResponse { /** The EdgeLocation from which a packet, destined to the internet, will egress the Google network. This will only be populated for a connectivity test which has an internet destination address. The absence of this field *must not* be used as an indication that the destination is part of the Google network. */ destinationEgressLocation?: EdgeLocation; /** Router name in the format '{router}.{metroshard}'. For example: pf01.aaa01, pr02.aaa01. */ destinationRouter?: string; /** Latency as measured by active probing in one direction: from the source to the destination endpoint. */ probingLatency?: LatencyDistribution; /** The overall result of active probing for this egress device. */ result?: | 'PROBING_RESULT_UNSPECIFIED' | 'REACHABLE' | 'UNREACHABLE' | 'REACHABILITY_INCONSISTENT' | 'UNDETERMINED'; /** Number of probes sent. */ sentProbeCount?: number; /** Number of probes that reached the destination. */ successfulProbeCount?: number; } interface Status { /** The status code, which should be an enum value of google.rpc.Code. */ code?: number; /** A list of messages that carry the error details. There is a common set of message types for APIs to use. */ details?: {[P in string]: any}[]; /** A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. */ message?: string; } interface Step { /** Display information of the final state "abort" and reason. */ abort?: AbortInfo; /** Display information of an App Engine service version. */ appEngineVersion?: AppEngineVersionInfo; /** This is a step that leads to the final state Drop. */ causesDrop?: boolean; /** Display information of a Cloud Function. */ cloudFunction?: CloudFunctionInfo; /** Display information of a Cloud Run job. */ cloudRunJob?: CloudRunJobInfo; /** Display information of a Cloud Run revision. */ cloudRunRevision?: CloudRunRevisionInfo; /** Display information of a Cloud SQL instance. */ cloudSqlInstance?: CloudSQLInstanceInfo; /** Display information of a Datastream Private Connection. */ datastreamPrivateConnection?: PrivateConnectionInfo; /** Display information of the final state "deliver" and reason. */ deliver?: DeliverInfo; /** A description of the step. Usually this is a summary of the state. */ description?: string; /** Display information of a serverless direct VPC egress connection. */ directVpcEgressConnection?: DirectVpcEgressConnectionInfo; /** Display information of a DMS Private Connection. */ dmsPrivateConnection?: PrivateConnectionInfo; /** Display information of the final state "drop" and reason. */ drop?: DropInfo; /** Display information of the source and destination under analysis. The endpoint information in an intermediate state may differ with the initial input, as it might be modified by state like NAT, or Connection Proxy. */ endpoint?: EndpointInfo; /** Display information of a Compute Engine firewall rule. */ firewall?: FirewallInfo; /** Display information of the final state "forward" and reason. */ forward?: ForwardInfo; /** Display information of a Compute Engine forwarding rule. */ forwardingRule?: ForwardingRuleInfo; /** Display information of a Google Kubernetes Engine cluster master. */ gkeMaster?: GKEMasterInfo; /** Display information of a GKE Network Policy. */ gkeNetworkPolicy?: GkeNetworkPolicyInfo; /** Display information of the reason why GKE Network Policy evaluation was skipped. */ gkeNetworkPolicySkipped?: GkeNetworkPolicySkippedInfo; /** Display information of a Google Kubernetes Engine Pod. */ gkePod?: GkePodInfo; /** Display information of a Google service */ googleService?: GoogleServiceInfo; /** Display information of a hybrid subnet. */ hybridSubnet?: HybridSubnetInfo; /** Display information of a Compute Engine instance. */ instance?: InstanceInfo; /** Display information of an interconnect attachment. */ interconnectAttachment?: InterconnectAttachmentInfo; /** Display information of the reason why GKE Pod IP masquerading was skipped. */ ipMasqueradingSkipped?: IpMasqueradingSkippedInfo; /** Display information of the load balancers. Deprecated in favor of the `load_balancer_backend_info` field, not used in new tests. */ loadBalancer?: LoadBalancerInfo; /** Display information of a specific load balancer backend. */ loadBalancerBackendInfo?: LoadBalancerBackendInfo; /** Display information of a NAT. */ nat?: NatInfo; /** Display information of a Google Cloud network. */ network?: NetworkInfo; /** Display information of a layer 7 packet inspection by the firewall. */ ngfwPacketInspection?: NgfwPacketInspectionInfo; /** Project ID that contains the configuration this step is validating. */ projectId?: string; /** Display information of a ProxyConnection. */ proxyConnection?: ProxyConnectionInfo; /** Display information of a Redis Cluster. */ redisCluster?: RedisClusterInfo; /** Display information of a Redis Instance. */ redisInstance?: RedisInstanceInfo; /** Display information of a Compute Engine route. */ route?: RouteInfo; /** Display information of a serverless public (external) connection. */ serverlessExternalConnection?: ServerlessExternalConnectionInfo; /** Display information of a Serverless network endpoint group backend. Used only for return traces. */ serverlessNeg?: ServerlessNegInfo; /** Each step is in one of the pre-defined states. */ state?: | 'STATE_UNSPECIFIED' | 'START_FROM_INSTANCE' | 'START_FROM_INTERNET' | 'START_FROM_GOOGLE_SERVICE' | 'START_FROM_PRIVATE_NETWORK' | 'START_FROM_GKE_MASTER' | 'START_FROM_CLOUD_SQL_INSTANCE' | 'START_FROM_GKE_POD' | 'START_FROM_REDIS_INSTANCE' | 'START_FROM_REDIS_CLUSTER' | 'START_FROM_CLOUD_FUNCTION' | 'START_FROM_APP_ENGINE_VERSION' | 'START_FROM_CLOUD_RUN_REVISION' | 'START_FROM_CLOUD_RUN_JOB' | 'START_FROM_STORAGE_BUCKET' | 'START_FROM_PSC_PUBLISHED_SERVICE' | 'START_FROM_SERVERLESS_NEG' | 'START_FROM_DMS_PRIVATE_CONNECTION' | 'START_FROM_DATASTREAM_PRIVATE_CONNECTION' | 'APPLY_INGRESS_FIREWALL_RULE' | 'APPLY_EGRESS_FIREWALL_RULE' | 'APPLY_ROUTE' | 'APPLY_FORWARDING_RULE' | 'ANALYZE_LOAD_BALANCER_BACKEND' | 'SPOOFING_APPROVED' | 'ARRIVE_AT_INSTANCE' | 'ARRIVE_AT_INTERNAL_LOAD_BALANCER' | 'ARRIVE_AT_EXTERNAL_LOAD_BALANCER' | 'ARRIVE_AT_HYBRID_SUBNET' | 'ARRIVE_AT_VPN_GATEWAY' | 'ARRIVE_AT_VPN_TUNNEL' | 'ARRIVE_AT_INTERCONNECT_ATTACHMENT' | 'ARRIVE_AT_VPC_CONNECTOR' | 'ARRIVE_AT_GKE_POD' | 'DIRECT_VPC_EGRESS_CONNECTION' | 'SERVERLESS_EXTERNAL_CONNECTION' | 'NGFW_PACKET_INSPECTION' | 'NAT' | 'SKIP_GKE_POD_IP_MASQUERADING' | 'SKIP_GKE_INGRESS_NETWORK_POLICY' | 'SKIP_GKE_EGRESS_NETWORK_POLICY' | 'APPLY_INGRESS_GKE_NETWORK_POLICY' | 'APPLY_EGRESS_GKE_NETWORK_POLICY' | 'PROXY_CONNECTION' | 'DELIVER' | 'DROP' | 'FORWARD' | 'ABORT' | 'VIEWER_PERMISSION_MISSING'; /** Display information of a Storage Bucket. Used only for return traces. */ storageBucket?: StorageBucketInfo; /** Display information of a VPC connector. */ vpcConnector?: VpcConnectorInfo; /** Display information of a Compute Engine VPN gateway. */ vpnGateway?: VpnGatewayInfo; /** Display information of a Compute Engine VPN tunnel. */ vpnTunnel?: VpnTunnelInfo; } interface StorageBucketInfo { /** Cloud Storage Bucket name. */ bucket?: string; } interface TestIamPermissionsRequest { /** The set of permissions to check for the `resource`. Permissions with wildcards (such as `*` or `storage.*`) are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). */ permissions?: string[]; } interface TestIamPermissionsResponse { /** A subset of `TestPermissionsRequest.permissions` that the caller is allowed. */ permissions?: string[]; } interface Trace { /** Derived from the source and destination endpoints definition specified by user request, and validated by the data plane model. If there are multiple traces starting from different source locations, then the endpoint_info may be different between traces. */ endpointInfo?: EndpointInfo; /** ID of trace. For forward traces, this ID is unique for each trace. For return traces, it matches ID of associated forward trace. A single forward trace can be associated with none, one or more than one return trace. */ forwardTraceId?: number; /** A trace of a test contains multiple steps from the initial state to the final state (delivered, dropped, forwarded, or aborted). The steps are ordered by the processing sequence within the simulated network state machine. It is critical to preserve the order of the steps and avoid reordering or sorting them. */ steps?: Step[]; } interface VpcConnectorInfo { /** Name of a VPC connector. */ displayName?: string; /** Location in which the VPC connector is deployed. */ location?: string; /** URI of a VPC connector. Format: `projects/{project_id}/locations/{location}/connectors/{connector_id}` */ uri?: string; } interface VpcFlowLogsConfig { /** Optional. The aggregation interval for the logs. Default value is INTERVAL_5_SEC. */ aggregationInterval?: | 'AGGREGATION_INTERVAL_UNSPECIFIED' | 'INTERVAL_5_SEC' | 'INTERVAL_30_SEC' | 'INTERVAL_1_MIN' | 'INTERVAL_5_MIN' | 'INTERVAL_10_MIN' | 'INTERVAL_15_MIN'; /** Output only. The time the config was created. */ createTime?: string; /** Optional. Determines whether to include cross project annotations in the logs. This field is available only for organization configurations. If not specified in org configs will be set to CROSS_PROJECT_METADATA_ENABLED. */ crossProjectMetadata?: | 'CROSS_PROJECT_METADATA_UNSPECIFIED' | 'CROSS_PROJECT_METADATA_ENABLED' | 'CROSS_PROJECT_METADATA_DISABLED'; /** Optional. The user-supplied description of the VPC Flow Logs configuration. Maximum of 512 characters. */ description?: string; /** Optional. Export filter used to define which VPC Flow Logs should be logged. */ filterExpr?: string; /** Optional. The value of the field must be in (0, 1]. The sampling rate of VPC Flow Logs where 1.0 means all collected logs are reported. Setting the sampling rate to 0.0 is not allowed. If you want to disable VPC Flow Logs, use the state field instead. Default value is 1.0. */ flowSampling?: number; /** Traffic will be logged from the Interconnect Attachment. Format: projects/{project_id}/regions/{region}/interconnectAttachments/{name} */ interconnectAttachment?: string; /** Optional. Resource labels to represent user-provided metadata. */ labels?: {[P in string]: string}; /** Optional. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default value is INCLUDE_ALL_METADATA. */ metadata?: | 'METADATA_UNSPECIFIED' | 'INCLUDE_ALL_METADATA' | 'EXCLUDE_ALL_METADATA' | 'CUSTOM_METADATA'; /** Optional. Custom metadata fields to include in the reported VPC flow logs. Can only be specified if "metadata" was set to CUSTOM_METADATA. */ metadataFields?: string[]; /** Identifier. Unique name of the configuration. The name can have one of the following forms: - For project-level configurations: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For organization-level configurations: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` */ name?: string; /** Traffic will be logged from VMs, VPN tunnels and Interconnect Attachments within the network. Format: projects/{project_id}/global/networks/{name} */ network?: string; /** Optional. The state of the VPC Flow Log configuration. Default value is ENABLED. When creating a new configuration, it must be enabled. Setting state=DISABLED will pause the log generation for this config. */ state?: 'STATE_UNSPECIFIED' | 'ENABLED' | 'DISABLED'; /** Traffic will be logged from VMs within the subnetwork. Format: projects/{project_id}/regions/{region}/subnetworks/{name} */ subnet?: string; /** Output only. Describes the state of the configured target resource for diagnostic purposes. */ targetResourceState?: | 'TARGET_RESOURCE_STATE_UNSPECIFIED' | 'TARGET_RESOURCE_EXISTS' | 'TARGET_RESOURCE_DOES_NOT_EXIST'; /** Output only. The time the config was updated. */ updateTime?: string; /** Traffic will be logged from the VPN Tunnel. Format: projects/{project_id}/regions/{region}/vpnTunnels/{name} */ vpnTunnel?: string; } interface VpnGatewayInfo { /** Name of a VPN gateway. */ displayName?: string; /** IP address of the VPN gateway. */ ipAddress?: string; /** URI of the VPC network where the VPN gateway is configured. Format: `projects/{project_id}/global/networks/{network_id}` */ networkUri?: string; /** Name of a Google Cloud region where this VPN gateway is configured. */ region?: string; /** URI of the VPN gateway. Format: * `projects/{project_id}/regions/{region}/vpnGateways/{vpn_gateway_id}` (HA VPN gateway) * `projects/{project_id}/regions/{region}/targetVpnGateways/{target_vpn_gateway_id}` (Classic VPN gateway) */ uri?: string; /** URI of the VPN tunnel associated with the VPN gateway. There may be multiple VPN tunnels configured on a VPN gateway, and only the one relevant to the test is displayed. Format: `projects/{project_id}/regions/{region}/vpnTunnels/{vpn_tunnel_id}` */ vpnTunnelUri?: string; } interface VpnTunnelInfo { /** Name of a VPN tunnel. */ displayName?: string; /** URI of the VPC network where the VPN tunnel is configured. Format: `projects/{project_id}/global/networks/{network_id}` */ networkUri?: string; /** Name of a Google Cloud region where this VPN tunnel is configured. */ region?: string; /** URI of a VPN gateway at remote end of the tunnel. Format: * `projects/{project_id}/regions/{region}/vpnGateways/{vpn_gateway_id}` (GCP HA VPN gateway) * `projects/{project_id}/global/peerVpnGateways/{peer_vpn_gateway_id}` (GCP peer VPN gateway) */ remoteGateway?: string; /** Remote VPN gateway's IP address. */ remoteGatewayIp?: string; /** Type of the routing policy. */ routingType?: 'ROUTING_TYPE_UNSPECIFIED' | 'ROUTE_BASED' | 'POLICY_BASED' | 'DYNAMIC'; /** URI of the VPN gateway at local end of the tunnel. Format: * `projects/{project_id}/regions/{region}/vpnGateways/{vpn_gateway_id}` (HA VPN gateway) * `projects/{project_id}/regions/{region}/targetVpnGateways/{target_vpn_gateway_id}` (Classic VPN gateway) */ sourceGateway?: string; /** Local VPN gateway's IP address. */ sourceGatewayIp?: string; /** URI of the VPN tunnel. Format: `projects/{project_id}/regions/{region}/vpnTunnels/{vpn_tunnel_id}` */ uri?: string; } interface OperationsResource { /** Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. */ cancel(request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation resource to be cancelled. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Request body */ resource: CancelOperationRequest; }): Request<{}>; cancel( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation resource to be cancelled. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }, body: CancelOperationRequest, ): Request<{}>; /** Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. */ delete(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation resource to be deleted. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request<{}>; /** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */ get(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation resource. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. */ list(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** The standard list filter. */ filter?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation's parent resource. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** The standard list page size. */ pageSize?: number; /** The standard list page token. */ pageToken?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** When set to `true`, operations that are reachable are returned as normal, and those that are unreachable are returned in the ListOperationsResponse.unreachable field. This can only be `true` when reading across collections. For example, when `parent` is set to `"projects/example/locations/-"`. This field is not supported by default and will result in an `UNIMPLEMENTED` error if set unless explicitly documented otherwise in service or product specific documentation. */ returnPartialSuccess?: boolean; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; } interface GlobalResource { operations: OperationsResource; } interface VpcFlowLogsConfigsResource { /** Creates a new `VpcFlowLogsConfig`. If a configuration with the exact same settings already exists (even if the ID is different), the creation fails. Notes: 1. Creating a configuration with `state=DISABLED` will fail 2. The following fields are not considered as settings for the purpose of the check mentioned above, therefore - creating another configuration with the same fields but different values for the following fields will fail as well: * name * create_time * update_time * labels * description */ create(request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Required. The parent resource of the VpcFlowLogsConfig to create, in one of the following formats: - For project-level resources: `projects/{project_id}/locations/global` - For organization-level resources: `organizations/{organization_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Required. ID of the `VpcFlowLogsConfig`. */ vpcFlowLogsConfigId?: string; /** Request body */ resource: VpcFlowLogsConfig; }): Request; create( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Required. The parent resource of the VpcFlowLogsConfig to create, in one of the following formats: - For project-level resources: `projects/{project_id}/locations/global` - For organization-level resources: `organizations/{organization_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Required. ID of the `VpcFlowLogsConfig`. */ vpcFlowLogsConfigId?: string; }, body: VpcFlowLogsConfig, ): Request; /** Deletes a specific `VpcFlowLogsConfig`. */ delete(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Required. The resource name of the VpcFlowLogsConfig, in one of the following formats: - For a project-level resource: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For an organization-level resource: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Gets the details of a specific `VpcFlowLogsConfig`. */ get(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Required. The resource name of the VpcFlowLogsConfig, in one of the following formats: - For project-level resources: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For organization-level resources: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Lists all `VpcFlowLogsConfigs` in a given organization. */ list(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** Optional. Lists the `VpcFlowLogsConfigs` that match the filter expression. A filter expression must use the supported [CEL logic operators] (https://cloud.google.com/vpc/docs/about-flow-logs-records#supported_cel_logic_operators). */ filter?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Optional. Field to use to sort the list. */ orderBy?: string; /** Optional. Number of `VpcFlowLogsConfigs` to return. */ pageSize?: number; /** Optional. Page token from an earlier query, as returned in `next_page_token`. */ pageToken?: string; /** Required. The parent resource of the VpcFlowLogsConfig, in one of the following formats: - For project-level resources: `projects/{project_id}/locations/global` - For organization-level resources: `organizations/{organization_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Updates an existing `VpcFlowLogsConfig`. If a configuration with the exact same settings already exists (even if the ID is different), the creation fails. Notes: 1. Updating a configuration with `state=DISABLED` will fail 2. The following fields are not considered as settings for the purpose of the check mentioned above, therefore - updating another configuration with the same fields but different values for the following fields will fail as well: * name * create_time * update_time * labels * description */ patch(request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Identifier. Unique name of the configuration. The name can have one of the following forms: - For project-level configurations: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For organization-level configurations: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Required. Mask of fields to update. At least one path must be supplied in this field. For example, to change the state of the configuration to ENABLED, specify `update_mask` = `"state"`, and the `vpc_flow_logs_config` would be: `vpc_flow_logs_config = { name = "projects/my-project/locations/global/vpcFlowLogsConfigs/my-config" state = "ENABLED" }` */ updateMask?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Request body */ resource: VpcFlowLogsConfig; }): Request; patch( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Identifier. Unique name of the configuration. The name can have one of the following forms: - For project-level configurations: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For organization-level configurations: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Required. Mask of fields to update. At least one path must be supplied in this field. For example, to change the state of the configuration to ENABLED, specify `update_mask` = `"state"`, and the `vpc_flow_logs_config` would be: `vpc_flow_logs_config = { name = "projects/my-project/locations/global/vpcFlowLogsConfigs/my-config" state = "ENABLED" }` */ updateMask?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }, body: VpcFlowLogsConfig, ): Request; } interface LocationsResource { /** Gets information about a location. */ get(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Resource name for the location. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Lists information about the supported locations for this service. This method lists locations based on the resource scope provided in the ListLocationsRequest.name field: * **Global locations**: If `name` is empty, the method lists the public locations available to all projects. * **Project-specific locations**: If `name` follows the format `projects/{project}`, the method lists locations visible to that specific project. This includes public, private, or other project-specific locations enabled for the project. For gRPC and client library implementations, the resource name is passed as the `name` field. For direct service calls, the resource name is incorporated into the request path based on the specific service implementation and version. */ list(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Optional. Do not use this field unless explicitly documented otherwise. This is primarily for internal usage. */ extraLocationTypes?: string | string[]; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** A filter to narrow down results to a preferred subset. The filtering language accepts strings like `"displayName=tokyo"`, and is documented in more detail in [AIP-160](https://google.aip.dev/160). */ filter?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The resource that owns the locations collection, if applicable. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** The maximum number of results to return. If not set, the service selects a default. */ pageSize?: number; /** A page token received from the `next_page_token` field in the response. Send that page token to receive the subsequent page. */ pageToken?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; global: GlobalResource; vpcFlowLogsConfigs: VpcFlowLogsConfigsResource; } interface OrganizationsResource { locations: LocationsResource; } interface ConnectivityTestsResource { /** Creates a new Connectivity Test. After you create a test, the reachability analysis is performed as part of the long running operation, which completes when the analysis completes. If the endpoint specifications in `ConnectivityTest` are invalid (for example, containing non-existent resources in the network, or you don't have read permissions to the network configurations of listed projects), then the reachability result returns a value of `UNKNOWN`. If the endpoint specifications in `ConnectivityTest` are incomplete, the reachability result returns a value of AMBIGUOUS. For more information, see the Connectivity Test documentation. */ create(request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Required. The parent resource of the Connectivity Test to create: `projects/{project_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Required. The logical name of the Connectivity Test in your project with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-40 characters. * Must end with a number or a letter. * Must be unique within the customer project */ testId?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Request body */ resource: ConnectivityTest; }): Request; create( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Required. The parent resource of the Connectivity Test to create: `projects/{project_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Required. The logical name of the Connectivity Test in your project with the following restrictions: * Must contain only lowercase letters, numbers, and hyphens. * Must start with a letter. * Must be between 1-40 characters. * Must end with a number or a letter. * Must be unique within the customer project */ testId?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }, body: ConnectivityTest, ): Request; /** Deletes a specific `ConnectivityTest`. */ delete(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Required. Connectivity Test resource name using the form: `projects/{project_id}/locations/global/connectivityTests/{test_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Gets the details of a specific Connectivity Test. */ get(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Required. `ConnectivityTest` resource name using the form: `projects/{project_id}/locations/global/connectivityTests/{test_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. */ getIamPolicy(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). */ 'options.requestedPolicyVersion'?: number; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field. */ resource: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Lists all Connectivity Tests owned by a project. */ list(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** Lists the `ConnectivityTests` that match the filter expression. A filter expression filters the resources listed in the response. The expression must be of the form ` ` where operators: `<`, `>`, `<=`, `>=`, `!=`, `=`, `:` are supported (colon `:` represents a HAS operator which is roughly synonymous with equality). can refer to a proto or JSON field, or a synthetic field. Field names can be camelCase or snake_case. Examples: - Filter by name: name = "projects/proj-1/locations/global/connectivityTests/test-1 - Filter by labels: - Resources that have a key called `foo` labels.foo:* - Resources that have a key called `foo` whose value is `bar` labels.foo = bar */ filter?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Field to use to sort the list. */ orderBy?: string; /** Number of `ConnectivityTests` to return. */ pageSize?: number; /** Page token from an earlier query, as returned in `next_page_token`. */ pageToken?: string; /** Required. The parent resource of the Connectivity Tests: `projects/{project_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Updates the configuration of an existing `ConnectivityTest`. After you update a test, the reachability analysis is performed as part of the long running operation, which completes when the analysis completes. The Reachability state in the test resource is updated with the new result. If the endpoint specifications in `ConnectivityTest` are invalid (for example, they contain non-existent resources in the network, or the user does not have read permissions to the network configurations of listed projects), then the reachability result returns a value of UNKNOWN. If the endpoint specifications in `ConnectivityTest` are incomplete, the reachability result returns a value of `AMBIGUOUS`. See the documentation in `ConnectivityTest` for more details. */ patch(request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Identifier. Unique name of the resource using the form: `projects/{project_id}/locations/global/connectivityTests/{test}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Required. Mask of fields to update. At least one path must be supplied in this field. */ updateMask?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Request body */ resource: ConnectivityTest; }): Request; patch( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Identifier. Unique name of the resource using the form: `projects/{project_id}/locations/global/connectivityTests/{test}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Required. Mask of fields to update. At least one path must be supplied in this field. */ updateMask?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }, body: ConnectivityTest, ): Request; /** Rerun an existing `ConnectivityTest`. After the user triggers the rerun, the reachability analysis is performed as part of the long running operation, which completes when the analysis completes. Even though the test configuration remains the same, the reachability result may change due to underlying network configuration changes. If the endpoint specifications in `ConnectivityTest` become invalid (for example, specified resources are deleted in the network, or you lost read permissions to the network configurations of listed projects), then the reachability result returns a value of `UNKNOWN`. */ rerun(request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Required. Connectivity Test resource name using the form: `projects/{project_id}/locations/global/connectivityTests/{test_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Request body */ resource: RerunConnectivityTestRequest; }): Request; rerun( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Required. Connectivity Test resource name using the form: `projects/{project_id}/locations/global/connectivityTests/{test_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }, body: RerunConnectivityTestRequest, ): Request; /** Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. */ setIamPolicy( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field. */ resource: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }, body: SetIamPolicyRequest, ): Request; /** Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. */ testIamPermissions( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field. */ resource: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }, body: TestIamPermissionsRequest, ): Request; } interface OperationsResource { /** Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of `1`, corresponding to `Code.CANCELLED`. */ cancel(request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation resource to be cancelled. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Request body */ resource: CancelOperationRequest; }): Request<{}>; cancel( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation resource to be cancelled. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }, body: CancelOperationRequest, ): Request<{}>; /** Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. */ delete(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation resource to be deleted. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request<{}>; /** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */ get(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation resource. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. */ list(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** The standard list filter. */ filter?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The name of the operation's parent resource. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** The standard list page size. */ pageSize?: number; /** The standard list page token. */ pageToken?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** When set to `true`, operations that are reachable are returned as normal, and those that are unreachable are returned in the ListOperationsResponse.unreachable field. This can only be `true` when reading across collections. For example, when `parent` is set to `"projects/example/locations/-"`. This field is not supported by default and will result in an `UNIMPLEMENTED` error if set unless explicitly documented otherwise in service or product specific documentation. */ returnPartialSuccess?: boolean; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; } interface GlobalResource { connectivityTests: ConnectivityTestsResource; operations: OperationsResource; } interface VpcFlowLogsConfigsResource { /** Creates a new `VpcFlowLogsConfig`. If a configuration with the exact same settings already exists (even if the ID is different), the creation fails. Notes: 1. Creating a configuration with `state=DISABLED` will fail 2. The following fields are not considered as settings for the purpose of the check mentioned above, therefore - creating another configuration with the same fields but different values for the following fields will fail as well: * name * create_time * update_time * labels * description */ create(request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Required. The parent resource of the VpcFlowLogsConfig to create, in one of the following formats: - For project-level resources: `projects/{project_id}/locations/global` - For organization-level resources: `organizations/{organization_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Required. ID of the `VpcFlowLogsConfig`. */ vpcFlowLogsConfigId?: string; /** Request body */ resource: VpcFlowLogsConfig; }): Request; create( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Required. The parent resource of the VpcFlowLogsConfig to create, in one of the following formats: - For project-level resources: `projects/{project_id}/locations/global` - For organization-level resources: `organizations/{organization_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Required. ID of the `VpcFlowLogsConfig`. */ vpcFlowLogsConfigId?: string; }, body: VpcFlowLogsConfig, ): Request; /** Deletes a specific `VpcFlowLogsConfig`. */ delete(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Required. The resource name of the VpcFlowLogsConfig, in one of the following formats: - For a project-level resource: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For an organization-level resource: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Gets the details of a specific `VpcFlowLogsConfig`. */ get(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Required. The resource name of the VpcFlowLogsConfig, in one of the following formats: - For project-level resources: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For organization-level resources: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Lists all `VpcFlowLogsConfigs` in a given project. */ list(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** Optional. Lists the `VpcFlowLogsConfigs` that match the filter expression. A filter expression must use the supported [CEL logic operators] (https://cloud.google.com/vpc/docs/about-flow-logs-records#supported_cel_logic_operators). */ filter?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Optional. Field to use to sort the list. */ orderBy?: string; /** Optional. Number of `VpcFlowLogsConfigs` to return. */ pageSize?: number; /** Optional. Page token from an earlier query, as returned in `next_page_token`. */ pageToken?: string; /** Required. The parent resource of the VpcFlowLogsConfig, in one of the following formats: - For project-level resources: `projects/{project_id}/locations/global` - For organization-level resources: `organizations/{organization_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Updates an existing `VpcFlowLogsConfig`. If a configuration with the exact same settings already exists (even if the ID is different), the creation fails. Notes: 1. Updating a configuration with `state=DISABLED` will fail 2. The following fields are not considered as settings for the purpose of the check mentioned above, therefore - updating another configuration with the same fields but different values for the following fields will fail as well: * name * create_time * update_time * labels * description */ patch(request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Identifier. Unique name of the configuration. The name can have one of the following forms: - For project-level configurations: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For organization-level configurations: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Required. Mask of fields to update. At least one path must be supplied in this field. For example, to change the state of the configuration to ENABLED, specify `update_mask` = `"state"`, and the `vpc_flow_logs_config` would be: `vpc_flow_logs_config = { name = "projects/my-project/locations/global/vpcFlowLogsConfigs/my-config" state = "ENABLED" }` */ updateMask?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** Request body */ resource: VpcFlowLogsConfig; }): Request; patch( request: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Identifier. Unique name of the configuration. The name can have one of the following forms: - For project-level configurations: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For organization-level configurations: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Required. Mask of fields to update. At least one path must be supplied in this field. For example, to change the state of the configuration to ENABLED, specify `update_mask` = `"state"`, and the `vpc_flow_logs_config` would be: `vpc_flow_logs_config = { name = "projects/my-project/locations/global/vpcFlowLogsConfigs/my-config" state = "ENABLED" }` */ updateMask?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }, body: VpcFlowLogsConfig, ): Request; /** QueryOrgVpcFlowLogsConfigs returns a list of all organization-level VPC Flow Logs configurations applicable to the specified project. */ queryOrgVpcFlowLogsConfigs(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** Optional. Lists the `VpcFlowLogsConfigs` that match the filter expression. A filter expression must use the supported [CEL logic operators] (https://cloud.google.com/vpc/docs/about-flow-logs-records#supported_cel_logic_operators). */ filter?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Optional. Number of `VpcFlowLogsConfigs` to return. */ pageSize?: number; /** Optional. Page token from an earlier query, as returned in `next_page_token`. */ pageToken?: string; /** Required. The parent resource of the VpcFlowLogsConfig, specified in the following format: `projects/{project_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** ShowEffectiveFlowLogsConfigs returns a list of all VPC Flow Logs configurations applicable to a specified resource. */ showEffectiveFlowLogsConfigs(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** Optional. Lists the `EffectiveVpcFlowLogsConfigs` that match the filter expression. A filter expression must use the supported [CEL logic operators] (https://cloud.google.com/vpc/docs/about-flow-logs-records#supported_cel_logic_operators). */ filter?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Optional. Number of `EffectiveVpcFlowLogsConfigs` to return. Default is 30. */ pageSize?: number; /** Optional. Page token from an earlier query, as returned in `next_page_token`. */ pageToken?: string; /** Required. The parent resource of the VpcFlowLogsConfig, specified in the following format: `projects/{project_id}/locations/global` */ parent: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Required. The resource to get the effective VPC Flow Logs configuration for. The resource must belong to the same project as the parent. The resource must be a network, subnetwork, interconnect attachment, VPN tunnel, or a project. */ resource?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; } interface LocationsResource { /** Gets information about a location. */ get(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** Resource name for the location. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; /** Lists information about the supported locations for this service. This method lists locations based on the resource scope provided in the ListLocationsRequest.name field: * **Global locations**: If `name` is empty, the method lists the public locations available to all projects. * **Project-specific locations**: If `name` follows the format `projects/{project}`, the method lists locations visible to that specific project. This includes public, private, or other project-specific locations enabled for the project. For gRPC and client library implementations, the resource name is passed as the `name` field. For direct service calls, the resource name is incorporated into the request path based on the specific service implementation and version. */ list(request?: { /** V1 error format. */ '$.xgafv'?: '1' | '2'; /** OAuth access token. */ access_token?: string; /** Data format for response. */ alt?: 'json' | 'media' | 'proto'; /** JSONP */ callback?: string; /** Optional. Do not use this field unless explicitly documented otherwise. This is primarily for internal usage. */ extraLocationTypes?: string | string[]; /** Selector specifying which fields to include in a partial response. */ fields?: string; /** A filter to narrow down results to a preferred subset. The filtering language accepts strings like `"displayName=tokyo"`, and is documented in more detail in [AIP-160](https://google.aip.dev/160). */ filter?: string; /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** The resource that owns the locations collection, if applicable. */ name: string; /** OAuth 2.0 token for the current user. */ oauth_token?: string; /** The maximum number of results to return. If not set, the service selects a default. */ pageSize?: number; /** A page token received from the `next_page_token` field in the response. Send that page token to receive the subsequent page. */ pageToken?: string; /** Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; /** Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; }): Request; global: GlobalResource; vpcFlowLogsConfigs: VpcFlowLogsConfigsResource; } interface ProjectsResource { locations: LocationsResource; } const organizations: OrganizationsResource; const projects: ProjectsResource; } }