1// Copyright 2022 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.appengine.v1; 18 19import "google/api/annotations.proto"; 20import "google/api/client.proto"; 21import "google/appengine/v1/application.proto"; 22import "google/appengine/v1/certificate.proto"; 23import "google/appengine/v1/domain.proto"; 24import "google/appengine/v1/domain_mapping.proto"; 25import "google/appengine/v1/firewall.proto"; 26import "google/appengine/v1/instance.proto"; 27import "google/appengine/v1/service.proto"; 28import "google/appengine/v1/version.proto"; 29import "google/longrunning/operations.proto"; 30import "google/protobuf/empty.proto"; 31import "google/protobuf/field_mask.proto"; 32 33option csharp_namespace = "Google.Cloud.AppEngine.V1"; 34option go_package = "cloud.google.com/go/appengine/apiv1/appenginepb;appenginepb"; 35option java_multiple_files = true; 36option java_outer_classname = "AppengineProto"; 37option java_package = "com.google.appengine.v1"; 38option php_namespace = "Google\\Cloud\\AppEngine\\V1"; 39option ruby_package = "Google::Cloud::AppEngine::V1"; 40 41// Manages App Engine applications. 42service Applications { 43 option (google.api.default_host) = "appengine.googleapis.com"; 44 option (google.api.oauth_scopes) = 45 "https://www.googleapis.com/auth/appengine.admin," 46 "https://www.googleapis.com/auth/cloud-platform," 47 "https://www.googleapis.com/auth/cloud-platform.read-only"; 48 49 // Gets information about an application. 50 rpc GetApplication(GetApplicationRequest) returns (Application) { 51 option (google.api.http) = { 52 get: "/v1/{name=apps/*}" 53 }; 54 option (google.api.method_signature) = "name"; 55 } 56 57 // Creates an App Engine application for a Google Cloud Platform project. 58 // Required fields: 59 // 60 // * `id` - The ID of the target Cloud Platform project. 61 // * *location* - The [region](https://cloud.google.com/appengine/docs/locations) where you want the App Engine application located. 62 // 63 // For more information about App Engine applications, see [Managing Projects, Applications, and Billing](https://cloud.google.com/appengine/docs/standard/python/console/). 64 rpc CreateApplication(CreateApplicationRequest) returns (google.longrunning.Operation) { 65 option (google.api.http) = { 66 post: "/v1/apps" 67 body: "application" 68 }; 69 option (google.longrunning.operation_info) = { 70 response_type: "Application" 71 metadata_type: "OperationMetadataV1" 72 }; 73 } 74 75 // Updates the specified Application resource. 76 // You can update the following fields: 77 // 78 // * `auth_domain` - Google authentication domain for controlling user access to the application. 79 // * `default_cookie_expiration` - Cookie expiration policy for the application. 80 // * `iap` - Identity-Aware Proxy properties for the application. 81 rpc UpdateApplication(UpdateApplicationRequest) returns (google.longrunning.Operation) { 82 option (google.api.http) = { 83 patch: "/v1/{name=apps/*}" 84 body: "application" 85 }; 86 option (google.longrunning.operation_info) = { 87 response_type: "Application" 88 metadata_type: "OperationMetadataV1" 89 }; 90 } 91 92 // Recreates the required App Engine features for the specified App Engine 93 // application, for example a Cloud Storage bucket or App Engine service 94 // account. 95 // Use this method if you receive an error message about a missing feature, 96 // for example, *Error retrieving the App Engine service account*. 97 // If you have deleted your App Engine service account, this will 98 // not be able to recreate it. Instead, you should attempt to use the 99 // IAM undelete API if possible at https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts/undelete?apix_params=%7B"name"%3A"projects%2F-%2FserviceAccounts%2Funique_id"%2C"resource"%3A%7B%7D%7D . 100 // If the deletion was recent, the numeric ID can be found in the Cloud 101 // Console Activity Log. 102 rpc RepairApplication(RepairApplicationRequest) returns (google.longrunning.Operation) { 103 option (google.api.http) = { 104 post: "/v1/{name=apps/*}:repair" 105 body: "*" 106 }; 107 option (google.longrunning.operation_info) = { 108 response_type: "Application" 109 metadata_type: "OperationMetadataV1" 110 }; 111 } 112} 113 114// Request message for `Applications.GetApplication`. 115message GetApplicationRequest { 116 // Name of the Application resource to get. Example: `apps/myapp`. 117 string name = 1; 118} 119 120// Request message for `Applications.CreateApplication`. 121message CreateApplicationRequest { 122 // Application configuration. 123 Application application = 2; 124} 125 126// Request message for `Applications.UpdateApplication`. 127message UpdateApplicationRequest { 128 // Name of the Application resource to update. Example: `apps/myapp`. 129 string name = 1; 130 131 // An Application containing the updated resource. 132 Application application = 2; 133 134 // Required. Standard field mask for the set of fields to be updated. 135 google.protobuf.FieldMask update_mask = 3; 136} 137 138// Request message for 'Applications.RepairApplication'. 139message RepairApplicationRequest { 140 // Name of the application to repair. Example: `apps/myapp` 141 string name = 1; 142} 143 144// Manages services of an application. 145service Services { 146 option (google.api.default_host) = "appengine.googleapis.com"; 147 option (google.api.oauth_scopes) = 148 "https://www.googleapis.com/auth/appengine.admin," 149 "https://www.googleapis.com/auth/cloud-platform," 150 "https://www.googleapis.com/auth/cloud-platform.read-only"; 151 152 // Lists all the services in the application. 153 rpc ListServices(ListServicesRequest) returns (ListServicesResponse) { 154 option (google.api.http) = { 155 get: "/v1/{parent=apps/*}/services" 156 }; 157 } 158 159 // Gets the current configuration of the specified service. 160 rpc GetService(GetServiceRequest) returns (Service) { 161 option (google.api.http) = { 162 get: "/v1/{name=apps/*/services/*}" 163 }; 164 } 165 166 // Updates the configuration of the specified service. 167 rpc UpdateService(UpdateServiceRequest) returns (google.longrunning.Operation) { 168 option (google.api.http) = { 169 patch: "/v1/{name=apps/*/services/*}" 170 body: "service" 171 }; 172 option (google.longrunning.operation_info) = { 173 response_type: "Service" 174 metadata_type: "OperationMetadataV1" 175 }; 176 } 177 178 // Deletes the specified service and all enclosed versions. 179 rpc DeleteService(DeleteServiceRequest) returns (google.longrunning.Operation) { 180 option (google.api.http) = { 181 delete: "/v1/{name=apps/*/services/*}" 182 }; 183 option (google.longrunning.operation_info) = { 184 response_type: "google.protobuf.Empty" 185 metadata_type: "OperationMetadataV1" 186 }; 187 } 188} 189 190// Request message for `Services.ListServices`. 191message ListServicesRequest { 192 // Name of the parent Application resource. Example: `apps/myapp`. 193 string parent = 1; 194 195 // Maximum results to return per page. 196 int32 page_size = 2; 197 198 // Continuation token for fetching the next page of results. 199 string page_token = 3; 200} 201 202// Response message for `Services.ListServices`. 203message ListServicesResponse { 204 // The services belonging to the requested application. 205 repeated Service services = 1; 206 207 // Continuation token for fetching the next page of results. 208 string next_page_token = 2; 209} 210 211// Request message for `Services.GetService`. 212message GetServiceRequest { 213 // Name of the resource requested. Example: `apps/myapp/services/default`. 214 string name = 1; 215} 216 217// Request message for `Services.UpdateService`. 218message UpdateServiceRequest { 219 // Name of the resource to update. Example: `apps/myapp/services/default`. 220 string name = 1; 221 222 // A Service resource containing the updated service. Only fields set in the 223 // field mask will be updated. 224 Service service = 2; 225 226 // Required. Standard field mask for the set of fields to be updated. 227 google.protobuf.FieldMask update_mask = 3; 228 229 // Set to `true` to gradually shift traffic to one or more versions that you 230 // specify. By default, traffic is shifted immediately. 231 // For gradual traffic migration, the target versions 232 // must be located within instances that are configured for both 233 // [warmup requests](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#InboundServiceType) 234 // and 235 // [automatic scaling](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#AutomaticScaling). 236 // You must specify the 237 // [`shardBy`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services#ShardBy) 238 // field in the Service resource. Gradual traffic migration is not 239 // supported in the App Engine flexible environment. For examples, see 240 // [Migrating and Splitting Traffic](https://cloud.google.com/appengine/docs/admin-api/migrating-splitting-traffic). 241 bool migrate_traffic = 4; 242} 243 244// Request message for `Services.DeleteService`. 245message DeleteServiceRequest { 246 // Name of the resource requested. Example: `apps/myapp/services/default`. 247 string name = 1; 248} 249 250// Manages versions of a service. 251service Versions { 252 option (google.api.default_host) = "appengine.googleapis.com"; 253 option (google.api.oauth_scopes) = 254 "https://www.googleapis.com/auth/appengine.admin," 255 "https://www.googleapis.com/auth/cloud-platform," 256 "https://www.googleapis.com/auth/cloud-platform.read-only"; 257 258 // Lists the versions of a service. 259 rpc ListVersions(ListVersionsRequest) returns (ListVersionsResponse) { 260 option (google.api.http) = { 261 get: "/v1/{parent=apps/*/services/*}/versions" 262 }; 263 } 264 265 // Gets the specified Version resource. 266 // By default, only a `BASIC_VIEW` will be returned. 267 // Specify the `FULL_VIEW` parameter to get the full resource. 268 rpc GetVersion(GetVersionRequest) returns (Version) { 269 option (google.api.http) = { 270 get: "/v1/{name=apps/*/services/*/versions/*}" 271 }; 272 } 273 274 // Deploys code and resource files to a new version. 275 rpc CreateVersion(CreateVersionRequest) returns (google.longrunning.Operation) { 276 option (google.api.http) = { 277 post: "/v1/{parent=apps/*/services/*}/versions" 278 body: "version" 279 }; 280 option (google.longrunning.operation_info) = { 281 response_type: "Version" 282 metadata_type: "CreateVersionMetadataV1" 283 }; 284 } 285 286 // Updates the specified Version resource. 287 // You can specify the following fields depending on the App Engine 288 // environment and type of scaling that the version resource uses: 289 // 290 // **Standard environment** 291 // 292 // * [`instance_class`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#Version.FIELDS.instance_class) 293 // 294 // *automatic scaling* in the standard environment: 295 // 296 // * [`automatic_scaling.min_idle_instances`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#Version.FIELDS.automatic_scaling) 297 // * [`automatic_scaling.max_idle_instances`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#Version.FIELDS.automatic_scaling) 298 // * [`automaticScaling.standard_scheduler_settings.max_instances`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#StandardSchedulerSettings) 299 // * [`automaticScaling.standard_scheduler_settings.min_instances`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#StandardSchedulerSettings) 300 // * [`automaticScaling.standard_scheduler_settings.target_cpu_utilization`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#StandardSchedulerSettings) 301 // * [`automaticScaling.standard_scheduler_settings.target_throughput_utilization`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#StandardSchedulerSettings) 302 // 303 // *basic scaling* or *manual scaling* in the standard environment: 304 // 305 // * [`serving_status`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#Version.FIELDS.serving_status) 306 // * [`manual_scaling.instances`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#manualscaling) 307 // 308 // **Flexible environment** 309 // 310 // * [`serving_status`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#Version.FIELDS.serving_status) 311 // 312 // *automatic scaling* in the flexible environment: 313 // 314 // * [`automatic_scaling.min_total_instances`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#Version.FIELDS.automatic_scaling) 315 // * [`automatic_scaling.max_total_instances`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#Version.FIELDS.automatic_scaling) 316 // * [`automatic_scaling.cool_down_period_sec`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#Version.FIELDS.automatic_scaling) 317 // * [`automatic_scaling.cpu_utilization.target_utilization`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#Version.FIELDS.automatic_scaling) 318 // 319 // *manual scaling* in the flexible environment: 320 // 321 // * [`manual_scaling.instances`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions#manualscaling) 322 rpc UpdateVersion(UpdateVersionRequest) returns (google.longrunning.Operation) { 323 option (google.api.http) = { 324 patch: "/v1/{name=apps/*/services/*/versions/*}" 325 body: "version" 326 }; 327 option (google.longrunning.operation_info) = { 328 response_type: "Version" 329 metadata_type: "OperationMetadataV1" 330 }; 331 } 332 333 // Deletes an existing Version resource. 334 rpc DeleteVersion(DeleteVersionRequest) returns (google.longrunning.Operation) { 335 option (google.api.http) = { 336 delete: "/v1/{name=apps/*/services/*/versions/*}" 337 }; 338 option (google.longrunning.operation_info) = { 339 response_type: "google.protobuf.Empty" 340 metadata_type: "OperationMetadataV1" 341 }; 342 } 343} 344 345// Request message for `Versions.ListVersions`. 346message ListVersionsRequest { 347 // Name of the parent Service resource. Example: 348 // `apps/myapp/services/default`. 349 string parent = 1; 350 351 // Controls the set of fields returned in the `List` response. 352 VersionView view = 2; 353 354 // Maximum results to return per page. 355 int32 page_size = 3; 356 357 // Continuation token for fetching the next page of results. 358 string page_token = 4; 359} 360 361// Response message for `Versions.ListVersions`. 362message ListVersionsResponse { 363 // The versions belonging to the requested service. 364 repeated Version versions = 1; 365 366 // Continuation token for fetching the next page of results. 367 string next_page_token = 2; 368} 369 370// Fields that should be returned when [Version][google.appengine.v1.Version] resources 371// are retrieved. 372enum VersionView { 373 // Basic version information including scaling and inbound services, 374 // but not detailed deployment information. 375 BASIC = 0; 376 377 // The information from `BASIC`, plus detailed information about the 378 // deployment. This format is required when creating resources, but 379 // is not returned in `Get` or `List` by default. 380 FULL = 1; 381} 382 383// Request message for `Versions.GetVersion`. 384message GetVersionRequest { 385 // Name of the resource requested. Example: 386 // `apps/myapp/services/default/versions/v1`. 387 string name = 1; 388 389 // Controls the set of fields returned in the `Get` response. 390 VersionView view = 2; 391} 392 393// Request message for `Versions.CreateVersion`. 394message CreateVersionRequest { 395 // Name of the parent resource to create this version under. Example: 396 // `apps/myapp/services/default`. 397 string parent = 1; 398 399 // Application deployment configuration. 400 Version version = 2; 401} 402 403// Request message for `Versions.UpdateVersion`. 404message UpdateVersionRequest { 405 // Name of the resource to update. Example: 406 // `apps/myapp/services/default/versions/1`. 407 string name = 1; 408 409 // A Version containing the updated resource. Only fields set in the field 410 // mask will be updated. 411 Version version = 2; 412 413 // Standard field mask for the set of fields to be updated. 414 google.protobuf.FieldMask update_mask = 3; 415} 416 417// Request message for `Versions.DeleteVersion`. 418message DeleteVersionRequest { 419 // Name of the resource requested. Example: 420 // `apps/myapp/services/default/versions/v1`. 421 string name = 1; 422} 423 424// Manages instances of a version. 425service Instances { 426 option (google.api.default_host) = "appengine.googleapis.com"; 427 option (google.api.oauth_scopes) = 428 "https://www.googleapis.com/auth/appengine.admin," 429 "https://www.googleapis.com/auth/cloud-platform," 430 "https://www.googleapis.com/auth/cloud-platform.read-only"; 431 432 // Lists the instances of a version. 433 // 434 // Tip: To aggregate details about instances over time, see the 435 // [Stackdriver Monitoring API](https://cloud.google.com/monitoring/api/ref_v3/rest/v3/projects.timeSeries/list). 436 rpc ListInstances(ListInstancesRequest) returns (ListInstancesResponse) { 437 option (google.api.http) = { 438 get: "/v1/{parent=apps/*/services/*/versions/*}/instances" 439 }; 440 } 441 442 // Gets instance information. 443 rpc GetInstance(GetInstanceRequest) returns (Instance) { 444 option (google.api.http) = { 445 get: "/v1/{name=apps/*/services/*/versions/*/instances/*}" 446 }; 447 } 448 449 // Stops a running instance. 450 // 451 // The instance might be automatically recreated based on the scaling settings 452 // of the version. For more information, see "How Instances are Managed" 453 // ([standard environment](https://cloud.google.com/appengine/docs/standard/python/how-instances-are-managed) | 454 // [flexible environment](https://cloud.google.com/appengine/docs/flexible/python/how-instances-are-managed)). 455 // 456 // To ensure that instances are not re-created and avoid getting billed, you 457 // can stop all instances within the target version by changing the serving 458 // status of the version to `STOPPED` with the 459 // [`apps.services.versions.patch`](https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.services.versions/patch) 460 // method. 461 rpc DeleteInstance(DeleteInstanceRequest) returns (google.longrunning.Operation) { 462 option (google.api.http) = { 463 delete: "/v1/{name=apps/*/services/*/versions/*/instances/*}" 464 }; 465 option (google.longrunning.operation_info) = { 466 response_type: "google.protobuf.Empty" 467 metadata_type: "OperationMetadataV1" 468 }; 469 } 470 471 // Enables debugging on a VM instance. This allows you to use the SSH 472 // command to connect to the virtual machine where the instance lives. 473 // While in "debug mode", the instance continues to serve live traffic. 474 // You should delete the instance when you are done debugging and then 475 // allow the system to take over and determine if another instance 476 // should be started. 477 // 478 // Only applicable for instances in App Engine flexible environment. 479 rpc DebugInstance(DebugInstanceRequest) returns (google.longrunning.Operation) { 480 option (google.api.http) = { 481 post: "/v1/{name=apps/*/services/*/versions/*/instances/*}:debug" 482 body: "*" 483 }; 484 option (google.longrunning.operation_info) = { 485 response_type: "Instance" 486 metadata_type: "OperationMetadataV1" 487 }; 488 } 489} 490 491// Request message for `Instances.ListInstances`. 492message ListInstancesRequest { 493 // Name of the parent Version resource. Example: 494 // `apps/myapp/services/default/versions/v1`. 495 string parent = 1; 496 497 // Maximum results to return per page. 498 int32 page_size = 2; 499 500 // Continuation token for fetching the next page of results. 501 string page_token = 3; 502} 503 504// Response message for `Instances.ListInstances`. 505message ListInstancesResponse { 506 // The instances belonging to the requested version. 507 repeated Instance instances = 1; 508 509 // Continuation token for fetching the next page of results. 510 string next_page_token = 2; 511} 512 513// Request message for `Instances.GetInstance`. 514message GetInstanceRequest { 515 // Name of the resource requested. Example: 516 // `apps/myapp/services/default/versions/v1/instances/instance-1`. 517 string name = 1; 518} 519 520// Request message for `Instances.DeleteInstance`. 521message DeleteInstanceRequest { 522 // Name of the resource requested. Example: 523 // `apps/myapp/services/default/versions/v1/instances/instance-1`. 524 string name = 1; 525} 526 527// Request message for `Instances.DebugInstance`. 528message DebugInstanceRequest { 529 // Name of the resource requested. Example: 530 // `apps/myapp/services/default/versions/v1/instances/instance-1`. 531 string name = 1; 532 533 // Public SSH key to add to the instance. Examples: 534 // 535 // * `[USERNAME]:ssh-rsa [KEY_VALUE] [USERNAME]` 536 // * `[USERNAME]:ssh-rsa [KEY_VALUE] google-ssh {"userName":"[USERNAME]","expireOn":"[EXPIRE_TIME]"}` 537 // 538 // For more information, see 539 // [Adding and Removing SSH Keys](https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys). 540 string ssh_key = 2; 541} 542 543// Firewall resources are used to define a collection of access control rules 544// for an Application. Each rule is defined with a position which specifies 545// the rule's order in the sequence of rules, an IP range to be matched against 546// requests, and an action to take upon matching requests. 547// 548// Every request is evaluated against the Firewall rules in priority order. 549// Processesing stops at the first rule which matches the request's IP address. 550// A final rule always specifies an action that applies to all remaining 551// IP addresses. The default final rule for a newly-created application will be 552// set to "allow" if not otherwise specified by the user. 553service Firewall { 554 option (google.api.default_host) = "appengine.googleapis.com"; 555 option (google.api.oauth_scopes) = 556 "https://www.googleapis.com/auth/appengine.admin," 557 "https://www.googleapis.com/auth/cloud-platform," 558 "https://www.googleapis.com/auth/cloud-platform.read-only"; 559 560 // Lists the firewall rules of an application. 561 rpc ListIngressRules(ListIngressRulesRequest) returns (ListIngressRulesResponse) { 562 option (google.api.http) = { 563 get: "/v1/{parent=apps/*}/firewall/ingressRules" 564 }; 565 } 566 567 // Replaces the entire firewall ruleset in one bulk operation. This overrides 568 // and replaces the rules of an existing firewall with the new rules. 569 // 570 // If the final rule does not match traffic with the '*' wildcard IP range, 571 // then an "allow all" rule is explicitly added to the end of the list. 572 rpc BatchUpdateIngressRules(BatchUpdateIngressRulesRequest) returns (BatchUpdateIngressRulesResponse) { 573 option (google.api.http) = { 574 post: "/v1/{name=apps/*/firewall/ingressRules}:batchUpdate" 575 body: "*" 576 }; 577 } 578 579 // Creates a firewall rule for the application. 580 rpc CreateIngressRule(CreateIngressRuleRequest) returns (google.appengine.v1.FirewallRule) { 581 option (google.api.http) = { 582 post: "/v1/{parent=apps/*}/firewall/ingressRules" 583 body: "rule" 584 }; 585 } 586 587 // Gets the specified firewall rule. 588 rpc GetIngressRule(GetIngressRuleRequest) returns (google.appengine.v1.FirewallRule) { 589 option (google.api.http) = { 590 get: "/v1/{name=apps/*/firewall/ingressRules/*}" 591 }; 592 } 593 594 // Updates the specified firewall rule. 595 rpc UpdateIngressRule(UpdateIngressRuleRequest) returns (google.appengine.v1.FirewallRule) { 596 option (google.api.http) = { 597 patch: "/v1/{name=apps/*/firewall/ingressRules/*}" 598 body: "rule" 599 }; 600 } 601 602 // Deletes the specified firewall rule. 603 rpc DeleteIngressRule(DeleteIngressRuleRequest) returns (google.protobuf.Empty) { 604 option (google.api.http) = { 605 delete: "/v1/{name=apps/*/firewall/ingressRules/*}" 606 }; 607 } 608} 609 610// Request message for `Firewall.ListIngressRules`. 611message ListIngressRulesRequest { 612 // Name of the Firewall collection to retrieve. 613 // Example: `apps/myapp/firewall/ingressRules`. 614 string parent = 1; 615 616 // Maximum results to return per page. 617 int32 page_size = 2; 618 619 // Continuation token for fetching the next page of results. 620 string page_token = 3; 621 622 // A valid IP Address. If set, only rules matching this address will be 623 // returned. The first returned rule will be the rule that fires on requests 624 // from this IP. 625 string matching_address = 4; 626} 627 628// Response message for `Firewall.ListIngressRules`. 629message ListIngressRulesResponse { 630 // The ingress FirewallRules for this application. 631 repeated google.appengine.v1.FirewallRule ingress_rules = 1; 632 633 // Continuation token for fetching the next page of results. 634 string next_page_token = 2; 635} 636 637// Request message for `Firewall.BatchUpdateIngressRules`. 638message BatchUpdateIngressRulesRequest { 639 // Name of the Firewall collection to set. 640 // Example: `apps/myapp/firewall/ingressRules`. 641 string name = 1; 642 643 // A list of FirewallRules to replace the existing set. 644 repeated google.appengine.v1.FirewallRule ingress_rules = 2; 645} 646 647// Response message for `Firewall.UpdateAllIngressRules`. 648message BatchUpdateIngressRulesResponse { 649 // The full list of ingress FirewallRules for this application. 650 repeated google.appengine.v1.FirewallRule ingress_rules = 1; 651} 652 653// Request message for `Firewall.CreateIngressRule`. 654message CreateIngressRuleRequest { 655 // Name of the parent Firewall collection in which to create a new rule. 656 // Example: `apps/myapp/firewall/ingressRules`. 657 string parent = 1; 658 659 // A FirewallRule containing the new resource. 660 // 661 // The user may optionally provide a position at which the new rule will be 662 // placed. The positions define a sequential list starting at 1. If a rule 663 // already exists at the given position, rules greater than the provided 664 // position will be moved forward by one. 665 // 666 // If no position is provided, the server will place the rule as the second to 667 // last rule in the sequence before the required default allow-all or deny-all 668 // rule. 669 google.appengine.v1.FirewallRule rule = 2; 670} 671 672// Request message for `Firewall.GetIngressRule`. 673message GetIngressRuleRequest { 674 // Name of the Firewall resource to retrieve. 675 // Example: `apps/myapp/firewall/ingressRules/100`. 676 string name = 1; 677} 678 679// Request message for `Firewall.UpdateIngressRule`. 680message UpdateIngressRuleRequest { 681 // Name of the Firewall resource to update. 682 // Example: `apps/myapp/firewall/ingressRules/100`. 683 string name = 1; 684 685 // A FirewallRule containing the updated resource 686 google.appengine.v1.FirewallRule rule = 2; 687 688 // Standard field mask for the set of fields to be updated. 689 google.protobuf.FieldMask update_mask = 3; 690} 691 692// Request message for `Firewall.DeleteIngressRule`. 693message DeleteIngressRuleRequest { 694 // Name of the Firewall resource to delete. 695 // Example: `apps/myapp/firewall/ingressRules/100`. 696 string name = 1; 697} 698 699// Manages domains a user is authorized to administer. To authorize use of a 700// domain, verify ownership via 701// [Webmaster Central](https://www.google.com/webmasters/verification/home). 702service AuthorizedDomains { 703 option (google.api.default_host) = "appengine.googleapis.com"; 704 option (google.api.oauth_scopes) = 705 "https://www.googleapis.com/auth/appengine.admin," 706 "https://www.googleapis.com/auth/cloud-platform," 707 "https://www.googleapis.com/auth/cloud-platform.read-only"; 708 709 // Lists all domains the user is authorized to administer. 710 rpc ListAuthorizedDomains(ListAuthorizedDomainsRequest) returns (ListAuthorizedDomainsResponse) { 711 option (google.api.http) = { 712 get: "/v1/{parent=apps/*}/authorizedDomains" 713 }; 714 } 715} 716 717// Request message for `AuthorizedDomains.ListAuthorizedDomains`. 718message ListAuthorizedDomainsRequest { 719 // Name of the parent Application resource. Example: `apps/myapp`. 720 string parent = 1; 721 722 // Maximum results to return per page. 723 int32 page_size = 2; 724 725 // Continuation token for fetching the next page of results. 726 string page_token = 3; 727} 728 729// Response message for `AuthorizedDomains.ListAuthorizedDomains`. 730message ListAuthorizedDomainsResponse { 731 // The authorized domains belonging to the user. 732 repeated google.appengine.v1.AuthorizedDomain domains = 1; 733 734 // Continuation token for fetching the next page of results. 735 string next_page_token = 2; 736} 737 738// Manages SSL certificates a user is authorized to administer. A user can 739// administer any SSL certificates applicable to their authorized domains. 740service AuthorizedCertificates { 741 option (google.api.default_host) = "appengine.googleapis.com"; 742 option (google.api.oauth_scopes) = 743 "https://www.googleapis.com/auth/appengine.admin," 744 "https://www.googleapis.com/auth/cloud-platform," 745 "https://www.googleapis.com/auth/cloud-platform.read-only"; 746 747 // Lists all SSL certificates the user is authorized to administer. 748 rpc ListAuthorizedCertificates(ListAuthorizedCertificatesRequest) returns (ListAuthorizedCertificatesResponse) { 749 option (google.api.http) = { 750 get: "/v1/{parent=apps/*}/authorizedCertificates" 751 }; 752 } 753 754 // Gets the specified SSL certificate. 755 rpc GetAuthorizedCertificate(GetAuthorizedCertificateRequest) returns (google.appengine.v1.AuthorizedCertificate) { 756 option (google.api.http) = { 757 get: "/v1/{name=apps/*/authorizedCertificates/*}" 758 }; 759 } 760 761 // Uploads the specified SSL certificate. 762 rpc CreateAuthorizedCertificate(CreateAuthorizedCertificateRequest) returns (google.appengine.v1.AuthorizedCertificate) { 763 option (google.api.http) = { 764 post: "/v1/{parent=apps/*}/authorizedCertificates" 765 body: "certificate" 766 }; 767 } 768 769 // Updates the specified SSL certificate. To renew a certificate and maintain 770 // its existing domain mappings, update `certificate_data` with a new 771 // certificate. The new certificate must be applicable to the same domains as 772 // the original certificate. The certificate `display_name` may also be 773 // updated. 774 rpc UpdateAuthorizedCertificate(UpdateAuthorizedCertificateRequest) returns (google.appengine.v1.AuthorizedCertificate) { 775 option (google.api.http) = { 776 patch: "/v1/{name=apps/*/authorizedCertificates/*}" 777 body: "certificate" 778 }; 779 } 780 781 // Deletes the specified SSL certificate. 782 rpc DeleteAuthorizedCertificate(DeleteAuthorizedCertificateRequest) returns (google.protobuf.Empty) { 783 option (google.api.http) = { 784 delete: "/v1/{name=apps/*/authorizedCertificates/*}" 785 }; 786 } 787} 788 789// Request message for `AuthorizedCertificates.ListAuthorizedCertificates`. 790message ListAuthorizedCertificatesRequest { 791 // Name of the parent `Application` resource. Example: `apps/myapp`. 792 string parent = 1; 793 794 // Controls the set of fields returned in the `LIST` response. 795 AuthorizedCertificateView view = 4; 796 797 // Maximum results to return per page. 798 int32 page_size = 2; 799 800 // Continuation token for fetching the next page of results. 801 string page_token = 3; 802} 803 804// Response message for `AuthorizedCertificates.ListAuthorizedCertificates`. 805message ListAuthorizedCertificatesResponse { 806 // The SSL certificates the user is authorized to administer. 807 repeated google.appengine.v1.AuthorizedCertificate certificates = 1; 808 809 // Continuation token for fetching the next page of results. 810 string next_page_token = 2; 811} 812 813// Request message for `AuthorizedCertificates.GetAuthorizedCertificate`. 814message GetAuthorizedCertificateRequest { 815 // Name of the resource requested. Example: 816 // `apps/myapp/authorizedCertificates/12345`. 817 string name = 1; 818 819 // Controls the set of fields returned in the `GET` response. 820 AuthorizedCertificateView view = 2; 821} 822 823// Fields that should be returned when an AuthorizedCertificate resource is 824// retrieved. 825enum AuthorizedCertificateView { 826 // Basic certificate information, including applicable domains and expiration 827 // date. 828 BASIC_CERTIFICATE = 0; 829 830 // The information from `BASIC_CERTIFICATE`, plus detailed information on the 831 // domain mappings that have this certificate mapped. 832 FULL_CERTIFICATE = 1; 833} 834 835// Request message for `AuthorizedCertificates.CreateAuthorizedCertificate`. 836message CreateAuthorizedCertificateRequest { 837 // Name of the parent `Application` resource. Example: `apps/myapp`. 838 string parent = 1; 839 840 // SSL certificate data. 841 google.appengine.v1.AuthorizedCertificate certificate = 2; 842} 843 844// Request message for `AuthorizedCertificates.UpdateAuthorizedCertificate`. 845message UpdateAuthorizedCertificateRequest { 846 // Name of the resource to update. Example: 847 // `apps/myapp/authorizedCertificates/12345`. 848 string name = 1; 849 850 // An `AuthorizedCertificate` containing the updated resource. Only fields set 851 // in the field mask will be updated. 852 google.appengine.v1.AuthorizedCertificate certificate = 2; 853 854 // Standard field mask for the set of fields to be updated. Updates are only 855 // supported on the `certificate_raw_data` and `display_name` fields. 856 google.protobuf.FieldMask update_mask = 3; 857} 858 859// Request message for `AuthorizedCertificates.DeleteAuthorizedCertificate`. 860message DeleteAuthorizedCertificateRequest { 861 // Name of the resource to delete. Example: 862 // `apps/myapp/authorizedCertificates/12345`. 863 string name = 1; 864} 865 866// Manages domains serving an application. 867service DomainMappings { 868 option (google.api.default_host) = "appengine.googleapis.com"; 869 option (google.api.oauth_scopes) = 870 "https://www.googleapis.com/auth/appengine.admin," 871 "https://www.googleapis.com/auth/cloud-platform," 872 "https://www.googleapis.com/auth/cloud-platform.read-only"; 873 874 // Lists the domain mappings on an application. 875 rpc ListDomainMappings(ListDomainMappingsRequest) returns (ListDomainMappingsResponse) { 876 option (google.api.http) = { 877 get: "/v1/{parent=apps/*}/domainMappings" 878 }; 879 } 880 881 // Gets the specified domain mapping. 882 rpc GetDomainMapping(GetDomainMappingRequest) returns (google.appengine.v1.DomainMapping) { 883 option (google.api.http) = { 884 get: "/v1/{name=apps/*/domainMappings/*}" 885 }; 886 } 887 888 // Maps a domain to an application. A user must be authorized to administer a 889 // domain in order to map it to an application. For a list of available 890 // authorized domains, see [`AuthorizedDomains.ListAuthorizedDomains`](). 891 rpc CreateDomainMapping(CreateDomainMappingRequest) returns (google.longrunning.Operation) { 892 option (google.api.http) = { 893 post: "/v1/{parent=apps/*}/domainMappings" 894 body: "domain_mapping" 895 }; 896 option (google.longrunning.operation_info) = { 897 response_type: "DomainMapping" 898 metadata_type: "OperationMetadataV1" 899 }; 900 } 901 902 // Updates the specified domain mapping. To map an SSL certificate to a 903 // domain mapping, update `certificate_id` to point to an `AuthorizedCertificate` 904 // resource. A user must be authorized to administer the associated domain 905 // in order to update a `DomainMapping` resource. 906 rpc UpdateDomainMapping(UpdateDomainMappingRequest) returns (google.longrunning.Operation) { 907 option (google.api.http) = { 908 patch: "/v1/{name=apps/*/domainMappings/*}" 909 body: "domain_mapping" 910 }; 911 option (google.longrunning.operation_info) = { 912 response_type: "DomainMapping" 913 metadata_type: "OperationMetadataV1" 914 }; 915 } 916 917 // Deletes the specified domain mapping. A user must be authorized to 918 // administer the associated domain in order to delete a `DomainMapping` 919 // resource. 920 rpc DeleteDomainMapping(DeleteDomainMappingRequest) returns (google.longrunning.Operation) { 921 option (google.api.http) = { 922 delete: "/v1/{name=apps/*/domainMappings/*}" 923 }; 924 option (google.longrunning.operation_info) = { 925 response_type: "google.protobuf.Empty" 926 metadata_type: "OperationMetadataV1" 927 }; 928 } 929} 930 931// Request message for `DomainMappings.ListDomainMappings`. 932message ListDomainMappingsRequest { 933 // Name of the parent Application resource. Example: `apps/myapp`. 934 string parent = 1; 935 936 // Maximum results to return per page. 937 int32 page_size = 2; 938 939 // Continuation token for fetching the next page of results. 940 string page_token = 3; 941} 942 943// Response message for `DomainMappings.ListDomainMappings`. 944message ListDomainMappingsResponse { 945 // The domain mappings for the application. 946 repeated google.appengine.v1.DomainMapping domain_mappings = 1; 947 948 // Continuation token for fetching the next page of results. 949 string next_page_token = 2; 950} 951 952// Request message for `DomainMappings.GetDomainMapping`. 953message GetDomainMappingRequest { 954 // Name of the resource requested. Example: 955 // `apps/myapp/domainMappings/example.com`. 956 string name = 1; 957} 958 959// Override strategy for mutating an existing mapping. 960enum DomainOverrideStrategy { 961 // Strategy unspecified. Defaults to `STRICT`. 962 UNSPECIFIED_DOMAIN_OVERRIDE_STRATEGY = 0; 963 964 // Overrides not allowed. If a mapping already exists for the 965 // specified domain, the request will return an ALREADY_EXISTS (409). 966 STRICT = 1; 967 968 // Overrides allowed. If a mapping already exists for the specified domain, 969 // the request will overwrite it. Note that this might stop another 970 // Google product from serving. For example, if the domain is 971 // mapped to another App Engine application, that app will no 972 // longer serve from that domain. 973 OVERRIDE = 2; 974} 975 976// Request message for `DomainMappings.CreateDomainMapping`. 977message CreateDomainMappingRequest { 978 // Name of the parent Application resource. Example: `apps/myapp`. 979 string parent = 1; 980 981 // Domain mapping configuration. 982 google.appengine.v1.DomainMapping domain_mapping = 2; 983 984 // Whether the domain creation should override any existing mappings for this 985 // domain. By default, overrides are rejected. 986 DomainOverrideStrategy override_strategy = 4; 987} 988 989// Request message for `DomainMappings.UpdateDomainMapping`. 990message UpdateDomainMappingRequest { 991 // Name of the resource to update. Example: 992 // `apps/myapp/domainMappings/example.com`. 993 string name = 1; 994 995 // A domain mapping containing the updated resource. Only fields set 996 // in the field mask will be updated. 997 google.appengine.v1.DomainMapping domain_mapping = 2; 998 999 // Required. Standard field mask for the set of fields to be updated. 1000 google.protobuf.FieldMask update_mask = 3; 1001} 1002 1003// Request message for `DomainMappings.DeleteDomainMapping`. 1004message DeleteDomainMappingRequest { 1005 // Name of the resource to delete. Example: 1006 // `apps/myapp/domainMappings/example.com`. 1007 string name = 1; 1008} 1009