1// Copyright 2023 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.aiplatform.v1beta1; 18 19import "google/api/field_behavior.proto"; 20import "google/api/resource.proto"; 21import "google/cloud/aiplatform/v1beta1/encryption_spec.proto"; 22import "google/cloud/aiplatform/v1beta1/machine_resources.proto"; 23import "google/cloud/aiplatform/v1beta1/service_networking.proto"; 24import "google/protobuf/timestamp.proto"; 25 26option csharp_namespace = "Google.Cloud.AIPlatform.V1Beta1"; 27option go_package = "cloud.google.com/go/aiplatform/apiv1beta1/aiplatformpb;aiplatformpb"; 28option java_multiple_files = true; 29option java_outer_classname = "IndexEndpointProto"; 30option java_package = "com.google.cloud.aiplatform.v1beta1"; 31option php_namespace = "Google\\Cloud\\AIPlatform\\V1beta1"; 32option ruby_package = "Google::Cloud::AIPlatform::V1beta1"; 33 34// Indexes are deployed into it. An IndexEndpoint can have multiple 35// DeployedIndexes. 36message IndexEndpoint { 37 option (google.api.resource) = { 38 type: "aiplatform.googleapis.com/IndexEndpoint" 39 pattern: "projects/{project}/locations/{location}/indexEndpoints/{index_endpoint}" 40 }; 41 42 // Output only. The resource name of the IndexEndpoint. 43 string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 44 45 // Required. The display name of the IndexEndpoint. 46 // The name can be up to 128 characters long and can consist of any UTF-8 47 // characters. 48 string display_name = 2 [(google.api.field_behavior) = REQUIRED]; 49 50 // The description of the IndexEndpoint. 51 string description = 3; 52 53 // Output only. The indexes deployed in this endpoint. 54 repeated DeployedIndex deployed_indexes = 4 55 [(google.api.field_behavior) = OUTPUT_ONLY]; 56 57 // Used to perform consistent read-modify-write updates. If not set, a blind 58 // "overwrite" update happens. 59 string etag = 5; 60 61 // The labels with user-defined metadata to organize your IndexEndpoints. 62 // 63 // Label keys and values can be no longer than 64 characters 64 // (Unicode codepoints), can only contain lowercase letters, numeric 65 // characters, underscores and dashes. International characters are allowed. 66 // 67 // See https://goo.gl/xmQnxf for more information and examples of labels. 68 map<string, string> labels = 6; 69 70 // Output only. Timestamp when this IndexEndpoint was created. 71 google.protobuf.Timestamp create_time = 7 72 [(google.api.field_behavior) = OUTPUT_ONLY]; 73 74 // Output only. Timestamp when this IndexEndpoint was last updated. 75 // This timestamp is not updated when the endpoint's DeployedIndexes are 76 // updated, e.g. due to updates of the original Indexes they are the 77 // deployments of. 78 google.protobuf.Timestamp update_time = 8 79 [(google.api.field_behavior) = OUTPUT_ONLY]; 80 81 // Optional. The full name of the Google Compute Engine 82 // [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) 83 // to which the IndexEndpoint should be peered. 84 // 85 // Private services access must already be configured for the network. If left 86 // unspecified, the Endpoint is not peered with any network. 87 // 88 // [network][google.cloud.aiplatform.v1beta1.IndexEndpoint.network] and 89 // [private_service_connect_config][google.cloud.aiplatform.v1beta1.IndexEndpoint.private_service_connect_config] 90 // are mutually exclusive. 91 // 92 // [Format](https://cloud.google.com/compute/docs/reference/rest/v1/networks/insert): 93 // `projects/{project}/global/networks/{network}`. 94 // Where {project} is a project number, as in '12345', and {network} is 95 // network name. 96 string network = 9 [(google.api.field_behavior) = OPTIONAL]; 97 98 // Optional. Deprecated: If true, expose the IndexEndpoint via private service 99 // connect. 100 // 101 // Only one of the fields, 102 // [network][google.cloud.aiplatform.v1beta1.IndexEndpoint.network] or 103 // [enable_private_service_connect][google.cloud.aiplatform.v1beta1.IndexEndpoint.enable_private_service_connect], 104 // can be set. 105 bool enable_private_service_connect = 10 106 [deprecated = true, (google.api.field_behavior) = OPTIONAL]; 107 108 // Optional. Configuration for private service connect. 109 // 110 // [network][google.cloud.aiplatform.v1beta1.IndexEndpoint.network] and 111 // [private_service_connect_config][google.cloud.aiplatform.v1beta1.IndexEndpoint.private_service_connect_config] 112 // are mutually exclusive. 113 PrivateServiceConnectConfig private_service_connect_config = 12 114 [(google.api.field_behavior) = OPTIONAL]; 115 116 // Optional. If true, the deployed index will be accessible through public 117 // endpoint. 118 bool public_endpoint_enabled = 13 [(google.api.field_behavior) = OPTIONAL]; 119 120 // Output only. If 121 // [public_endpoint_enabled][google.cloud.aiplatform.v1beta1.IndexEndpoint.public_endpoint_enabled] 122 // is true, this field will be populated with the domain name to use for this 123 // index endpoint. 124 string public_endpoint_domain_name = 14 125 [(google.api.field_behavior) = OUTPUT_ONLY]; 126 127 // Immutable. Customer-managed encryption key spec for an IndexEndpoint. If 128 // set, this IndexEndpoint and all sub-resources of this IndexEndpoint will be 129 // secured by this key. 130 EncryptionSpec encryption_spec = 15 [(google.api.field_behavior) = IMMUTABLE]; 131} 132 133// A deployment of an Index. IndexEndpoints contain one or more DeployedIndexes. 134message DeployedIndex { 135 // Required. The user specified ID of the DeployedIndex. 136 // The ID can be up to 128 characters long and must start with a letter and 137 // only contain letters, numbers, and underscores. 138 // The ID must be unique within the project it is created in. 139 string id = 1 [(google.api.field_behavior) = REQUIRED]; 140 141 // Required. The name of the Index this is the deployment of. 142 // We may refer to this Index as the DeployedIndex's "original" Index. 143 string index = 2 [ 144 (google.api.field_behavior) = REQUIRED, 145 (google.api.resource_reference) = { 146 type: "aiplatform.googleapis.com/Index" 147 } 148 ]; 149 150 // The display name of the DeployedIndex. If not provided upon creation, 151 // the Index's display_name is used. 152 string display_name = 3; 153 154 // Output only. Timestamp when the DeployedIndex was created. 155 google.protobuf.Timestamp create_time = 4 156 [(google.api.field_behavior) = OUTPUT_ONLY]; 157 158 // Output only. Provides paths for users to send requests directly to the 159 // deployed index services running on Cloud via private services access. This 160 // field is populated if 161 // [network][google.cloud.aiplatform.v1beta1.IndexEndpoint.network] is 162 // configured. 163 IndexPrivateEndpoints private_endpoints = 5 164 [(google.api.field_behavior) = OUTPUT_ONLY]; 165 166 // Output only. The DeployedIndex may depend on various data on its original 167 // Index. Additionally when certain changes to the original Index are being 168 // done (e.g. when what the Index contains is being changed) the DeployedIndex 169 // may be asynchronously updated in the background to reflect these changes. 170 // If this timestamp's value is at least the 171 // [Index.update_time][google.cloud.aiplatform.v1beta1.Index.update_time] of 172 // the original Index, it means that this DeployedIndex and the original Index 173 // are in sync. If this timestamp is older, then to see which updates this 174 // DeployedIndex already contains (and which it does not), one must 175 // [list][google.longrunning.Operations.ListOperations] the operations that 176 // are running on the original Index. Only the successfully completed 177 // Operations with 178 // [update_time][google.cloud.aiplatform.v1beta1.GenericOperationMetadata.update_time] 179 // equal or before this sync time are contained in this DeployedIndex. 180 google.protobuf.Timestamp index_sync_time = 6 181 [(google.api.field_behavior) = OUTPUT_ONLY]; 182 183 // Optional. A description of resources that the DeployedIndex uses, which to 184 // large degree are decided by Vertex AI, and optionally allows only a modest 185 // additional configuration. 186 // If min_replica_count is not set, the default value is 2 (we don't provide 187 // SLA when min_replica_count=1). If max_replica_count is not set, the 188 // default value is min_replica_count. The max allowed replica count is 189 // 1000. 190 AutomaticResources automatic_resources = 7 191 [(google.api.field_behavior) = OPTIONAL]; 192 193 // Optional. A description of resources that are dedicated to the 194 // DeployedIndex, and that need a higher degree of manual configuration. The 195 // field min_replica_count must be set to a value strictly greater than 0, or 196 // else validation will fail. We don't provide SLA when min_replica_count=1. 197 // If max_replica_count is not set, the default value is min_replica_count. 198 // The max allowed replica count is 1000. 199 // 200 // Available machine types for SMALL shard: 201 // e2-standard-2 and all machine types available for MEDIUM and LARGE shard. 202 // 203 // Available machine types for MEDIUM shard: 204 // e2-standard-16 and all machine types available for LARGE shard. 205 // 206 // Available machine types for LARGE shard: 207 // e2-highmem-16, n2d-standard-32. 208 // 209 // n1-standard-16 and n1-standard-32 are still available, but we recommend 210 // e2-standard-16 and e2-highmem-16 for cost efficiency. 211 DedicatedResources dedicated_resources = 16 212 [(google.api.field_behavior) = OPTIONAL]; 213 214 // Optional. If true, private endpoint's access logs are sent to Cloud 215 // Logging. 216 // 217 // These logs are like standard server access logs, containing 218 // information like timestamp and latency for each MatchRequest. 219 // 220 // Note that logs may incur a cost, especially if the deployed 221 // index receives a high queries per second rate (QPS). 222 // Estimate your costs before enabling this option. 223 bool enable_access_logging = 8 [(google.api.field_behavior) = OPTIONAL]; 224 225 // Optional. If set, the authentication is enabled for the private endpoint. 226 DeployedIndexAuthConfig deployed_index_auth_config = 9 227 [(google.api.field_behavior) = OPTIONAL]; 228 229 // Optional. A list of reserved ip ranges under the VPC network that can be 230 // used for this DeployedIndex. 231 // 232 // If set, we will deploy the index within the provided ip ranges. Otherwise, 233 // the index might be deployed to any ip ranges under the provided VPC 234 // network. 235 // 236 // The value should be the name of the address 237 // (https://cloud.google.com/compute/docs/reference/rest/v1/addresses) 238 // Example: ['vertex-ai-ip-range']. 239 // 240 // For more information about subnets and network IP ranges, please see 241 // https://cloud.google.com/vpc/docs/subnets#manually_created_subnet_ip_ranges. 242 repeated string reserved_ip_ranges = 10 243 [(google.api.field_behavior) = OPTIONAL]; 244 245 // Optional. The deployment group can be no longer than 64 characters (eg: 246 // 'test', 'prod'). If not set, we will use the 'default' deployment group. 247 // 248 // Creating `deployment_groups` with `reserved_ip_ranges` is a recommended 249 // practice when the peered network has multiple peering ranges. This creates 250 // your deployments from predictable IP spaces for easier traffic 251 // administration. Also, one deployment_group (except 'default') can only be 252 // used with the same reserved_ip_ranges which means if the deployment_group 253 // has been used with reserved_ip_ranges: [a, b, c], using it with [a, b] or 254 // [d, e] is disallowed. 255 // 256 // Note: we only support up to 5 deployment groups(not including 'default'). 257 string deployment_group = 11 [(google.api.field_behavior) = OPTIONAL]; 258} 259 260// Used to set up the auth on the DeployedIndex's private endpoint. 261message DeployedIndexAuthConfig { 262 // Configuration for an authentication provider, including support for 263 // [JSON Web Token 264 // (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). 265 message AuthProvider { 266 // The list of JWT 267 // [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). 268 // that are allowed to access. A JWT containing any of these audiences will 269 // be accepted. 270 repeated string audiences = 1; 271 272 // A list of allowed JWT issuers. Each entry must be a valid Google 273 // service account, in the following format: 274 // 275 // `[email protected]` 276 repeated string allowed_issuers = 2; 277 } 278 279 // Defines the authentication provider that the DeployedIndex uses. 280 AuthProvider auth_provider = 1; 281} 282 283// IndexPrivateEndpoints proto is used to provide paths for users to send 284// requests via private endpoints (e.g. private service access, private service 285// connect). 286// To send request via private service access, use match_grpc_address. 287// To send request via private service connect, use service_attachment. 288message IndexPrivateEndpoints { 289 // Output only. The ip address used to send match gRPC requests. 290 string match_grpc_address = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 291 292 // Output only. The name of the service attachment resource. Populated if 293 // private service connect is enabled. 294 string service_attachment = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 295 296 // Output only. PscAutomatedEndpoints is populated if private service connect 297 // is enabled if PscAutomatedConfig is set. 298 repeated PscAutomatedEndpoints psc_automated_endpoints = 3 299 [(google.api.field_behavior) = OUTPUT_ONLY]; 300} 301