1// Copyright 2023 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.connectors.v1; 18 19import "google/api/field_behavior.proto"; 20import "google/protobuf/timestamp.proto"; 21 22option go_package = "cloud.google.com/go/connectors/apiv1/connectorspb;connectorspb"; 23option java_multiple_files = true; 24option java_outer_classname = "CommonProto"; 25option java_package = "com.google.cloud.connectors.v1"; 26 27// Represents the metadata of the long-running operation. 28message OperationMetadata { 29 // Output only. The time the operation was created. 30 google.protobuf.Timestamp create_time = 1 31 [(google.api.field_behavior) = OUTPUT_ONLY]; 32 33 // Output only. The time the operation finished running. 34 google.protobuf.Timestamp end_time = 2 35 [(google.api.field_behavior) = OUTPUT_ONLY]; 36 37 // Output only. Server-defined resource path for the target of the operation. 38 string target = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 39 40 // Output only. Name of the verb executed by the operation. 41 string verb = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 42 43 // Output only. Human-readable status of the operation, if any. 44 string status_message = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; 45 46 // Output only. Identifies whether the user has requested cancellation 47 // of the operation. Operations that have successfully been cancelled 48 // have [Operation.error][] value with a 49 // [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to 50 // `Code.CANCELLED`. 51 bool requested_cancellation = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; 52 53 // Output only. API version used to start the operation. 54 string api_version = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; 55} 56 57// ConfigVariableTemplate provides metadata about a `ConfigVariable` that is 58// used in a Connection. 59message ConfigVariableTemplate { 60 // ValueType indicates the data type of the value. 61 enum ValueType { 62 // Value type is not specified. 63 VALUE_TYPE_UNSPECIFIED = 0; 64 65 // Value type is string. 66 STRING = 1; 67 68 // Value type is integer. 69 INT = 2; 70 71 // Value type is boolean. 72 BOOL = 3; 73 74 // Value type is secret. 75 SECRET = 4; 76 77 // Value type is enum. 78 ENUM = 5; 79 80 // Value type is authorization code. 81 AUTHORIZATION_CODE = 6; 82 } 83 84 // Indicates the state of the config variable. 85 enum State { 86 // Status is unspecified. 87 STATE_UNSPECIFIED = 0; 88 89 // Config variable is active 90 ACTIVE = 1; 91 92 // Config variable is deprecated. 93 DEPRECATED = 2; 94 } 95 96 // Key of the config variable. 97 string key = 1; 98 99 // Type of the parameter: string, int, bool etc. 100 // consider custom type for the benefit for the validation. 101 ValueType value_type = 2; 102 103 // Display name of the parameter. 104 string display_name = 3; 105 106 // Description. 107 string description = 4; 108 109 // Regular expression in RE2 syntax used for validating the `value` of a 110 // `ConfigVariable`. 111 string validation_regex = 5; 112 113 // Flag represents that this `ConfigVariable` must be provided for a 114 // connection. 115 bool required = 6; 116 117 // Role grant configuration for the config variable. 118 RoleGrant role_grant = 7; 119 120 // Enum options. To be populated if `ValueType` is `ENUM` 121 repeated EnumOption enum_options = 8; 122 123 // Authorization code link options. To be populated if `ValueType` is 124 // `AUTHORIZATION_CODE` 125 AuthorizationCodeLink authorization_code_link = 9; 126 127 // State of the config variable. 128 State state = 10; 129 130 // Indicates if current template is part of advanced settings 131 bool is_advanced = 11; 132} 133 134// Secret provides a reference to entries in Secret Manager. 135message Secret { 136 // The resource name of the secret version in the format, 137 // format as: `projects/*/secrets/*/versions/*`. 138 string secret_version = 1; 139} 140 141// EnumOption definition 142message EnumOption { 143 // Id of the option. 144 string id = 1; 145 146 // Display name of the option. 147 string display_name = 2; 148} 149 150// ConfigVariable represents a configuration variable present in a Connection. 151// or AuthConfig. 152message ConfigVariable { 153 // Key of the config variable. 154 string key = 1; 155 156 // Value type of the config variable. 157 oneof value { 158 // Value is an integer 159 int64 int_value = 2; 160 161 // Value is a bool. 162 bool bool_value = 3; 163 164 // Value is a string. 165 string string_value = 4; 166 167 // Value is a secret. 168 Secret secret_value = 5; 169 } 170} 171 172// This configuration defines all the Cloud IAM roles that needs to be granted 173// to a particular GCP resource for the selected prinicpal like service 174// account. These configurations will let UI display to customers what 175// IAM roles need to be granted by them. Or these configurations can be used 176// by the UI to render a 'grant' button to do the same on behalf of the user. 177message RoleGrant { 178 // Supported Principal values. 179 enum Principal { 180 // Value type is not specified. 181 PRINCIPAL_UNSPECIFIED = 0; 182 183 // Service Account used for Connector workload identity 184 // This is either the default service account if unspecified or Service 185 // Account provided by Customers through BYOSA. 186 CONNECTOR_SA = 1; 187 } 188 189 // Resource definition 190 message Resource { 191 // Resource Type definition. 192 enum Type { 193 // Value type is not specified. 194 TYPE_UNSPECIFIED = 0; 195 196 // GCP Project Resource. 197 GCP_PROJECT = 1; 198 199 // Any GCP Resource which is identified uniquely by IAM. 200 GCP_RESOURCE = 2; 201 202 // GCP Secret Resource. 203 GCP_SECRETMANAGER_SECRET = 3; 204 205 // GCP Secret Version Resource. 206 GCP_SECRETMANAGER_SECRET_VERSION = 4; 207 } 208 209 // Different types of resource supported. 210 Type type = 1; 211 212 // Template to uniquely represent a GCP resource in a format IAM expects 213 // This is a template that can have references to other values provided in 214 // the config variable template. 215 string path_template = 3; 216 } 217 218 // Prinicipal/Identity for whom the role need to assigned. 219 Principal principal = 1; 220 221 // List of roles that need to be granted. 222 repeated string roles = 2; 223 224 // Resource on which the roles needs to be granted for the principal. 225 Resource resource = 3; 226 227 // Template that UI can use to provide helper text to customers. 228 string helper_text_template = 4; 229} 230 231// This configuration captures the details required to render an authorization 232// link for the OAuth Authorization Code Flow. 233message AuthorizationCodeLink { 234 // The base URI the user must click to trigger the authorization code login 235 // flow. 236 string uri = 1; 237 238 // The scopes for which the user will authorize GCP Connectors on the 239 // connector data source. 240 repeated string scopes = 2; 241 242 // The client ID assigned to the GCP Connectors OAuth app for the connector 243 // data source. 244 string client_id = 3; 245 246 // Whether to enable PKCE for the auth code flow. 247 bool enable_pkce = 4; 248} 249 250// LaunchStage is a enum to indicate launch stage: 251// PREVIEW, GA, DEPRECATED, PRIVATE_PREVIEW. 252enum LaunchStage { 253 // LAUNCH_STAGE_UNSPECIFIED. 254 LAUNCH_STAGE_UNSPECIFIED = 0; 255 256 // PREVIEW. 257 PREVIEW = 1; 258 259 // GA. 260 GA = 2; 261 262 // DEPRECATED. 263 DEPRECATED = 3; 264 265 // PRIVATE_PREVIEW. 266 PRIVATE_PREVIEW = 5; 267} 268