1// Copyright 2023 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.alloydb.v1; 18 19import "google/api/field_behavior.proto"; 20import "google/api/resource.proto"; 21import "google/protobuf/duration.proto"; 22import "google/protobuf/timestamp.proto"; 23import "google/protobuf/wrappers.proto"; 24import "google/type/dayofweek.proto"; 25import "google/type/timeofday.proto"; 26 27option csharp_namespace = "Google.Cloud.AlloyDb.V1"; 28option go_package = "cloud.google.com/go/alloydb/apiv1/alloydbpb;alloydbpb"; 29option java_multiple_files = true; 30option java_outer_classname = "ResourcesProto"; 31option java_package = "com.google.cloud.alloydb.v1"; 32option php_namespace = "Google\\Cloud\\AlloyDb\\V1"; 33option ruby_package = "Google::Cloud::AlloyDB::V1"; 34option (google.api.resource_definition) = { 35 type: "cloudkms.googleapis.com/CryptoKeyVersion" 36 pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}" 37}; 38option (google.api.resource_definition) = { 39 type: "compute.googleapis.com/Network" 40 pattern: "projects/{project}/global/networks/{network}" 41}; 42 43// View on Instance. Pass this enum to rpcs that returns an Instance message to 44// control which subsets of fields to get. 45enum InstanceView { 46 // INSTANCE_VIEW_UNSPECIFIED Not specified, equivalent to BASIC. 47 INSTANCE_VIEW_UNSPECIFIED = 0; 48 49 // BASIC server responses for a primary or read instance include all the 50 // relevant instance details, excluding the details of each node in the 51 // instance. The default value. 52 INSTANCE_VIEW_BASIC = 1; 53 54 // FULL response is equivalent to BASIC for primary instance (for now). 55 // For read pool instance, this includes details of each node in the pool. 56 INSTANCE_VIEW_FULL = 2; 57} 58 59// View on Cluster. Pass this enum to rpcs that returns a cluster message to 60// control which subsets of fields to get. 61enum ClusterView { 62 // CLUSTER_VIEW_UNSPECIFIED Not specified, equivalent to BASIC. 63 CLUSTER_VIEW_UNSPECIFIED = 0; 64 65 // BASIC server responses include all the relevant cluster details, excluding 66 // Cluster.ContinuousBackupInfo.EarliestRestorableTime and other view-specific 67 // fields. The default value. 68 CLUSTER_VIEW_BASIC = 1; 69 70 // CONTINUOUS_BACKUP response returns all the fields from BASIC plus 71 // the earliest restorable time if continuous backups are enabled. 72 // May increase latency. 73 CLUSTER_VIEW_CONTINUOUS_BACKUP = 2; 74} 75 76// The supported database engine versions. 77enum DatabaseVersion { 78 // This is an unknown database version. 79 DATABASE_VERSION_UNSPECIFIED = 0; 80 81 // DEPRECATED - The database version is Postgres 13. 82 POSTGRES_13 = 1 [deprecated = true]; 83 84 // The database version is Postgres 14. 85 POSTGRES_14 = 2; 86} 87 88// The username/password for a database user. Used for specifying initial 89// users at cluster creation time. 90message UserPassword { 91 // The database username. 92 string user = 1; 93 94 // The initial password for the user. 95 string password = 2; 96} 97 98// Subset of the source instance configuration that is available when reading 99// the cluster resource. 100message MigrationSource { 101 // Denote the type of migration source that created this cluster. 102 enum MigrationSourceType { 103 // Migration source is unknown. 104 MIGRATION_SOURCE_TYPE_UNSPECIFIED = 0; 105 106 // DMS source means the cluster was created via DMS migration job. 107 DMS = 1; 108 } 109 110 // Output only. The host and port of the on-premises instance in host:port 111 // format 112 string host_port = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 113 114 // Output only. Place holder for the external source identifier(e.g DMS job 115 // name) that created the cluster. 116 string reference_id = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 117 118 // Output only. Type of migration source. 119 MigrationSourceType source_type = 3 120 [(google.api.field_behavior) = OUTPUT_ONLY]; 121} 122 123// EncryptionConfig describes the encryption config of a cluster or a backup 124// that is encrypted with a CMEK (customer-managed encryption key). 125message EncryptionConfig { 126 // The fully-qualified resource name of the KMS key. 127 // Each Cloud KMS key is regionalized and has the following format: 128 // projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME] 129 string kms_key_name = 1; 130} 131 132// EncryptionInfo describes the encryption information of a cluster or a backup. 133message EncryptionInfo { 134 // Possible encryption types. 135 enum Type { 136 // Encryption type not specified. Defaults to GOOGLE_DEFAULT_ENCRYPTION. 137 TYPE_UNSPECIFIED = 0; 138 139 // The data is encrypted at rest with a key that is fully managed by Google. 140 // No key version will be populated. This is the default state. 141 GOOGLE_DEFAULT_ENCRYPTION = 1; 142 143 // The data is encrypted at rest with a key that is managed by the customer. 144 // KMS key versions will be populated. 145 CUSTOMER_MANAGED_ENCRYPTION = 2; 146 } 147 148 // Output only. Type of encryption. 149 Type encryption_type = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 150 151 // Output only. Cloud KMS key versions that are being used to protect the 152 // database or the backup. 153 repeated string kms_key_versions = 2 [ 154 (google.api.field_behavior) = OUTPUT_ONLY, 155 (google.api.resource_reference) = { 156 type: "cloudkms.googleapis.com/CryptoKeyVersion" 157 } 158 ]; 159} 160 161// SSL configuration. 162message SslConfig { 163 // SSL mode options. 164 enum SslMode { 165 // SSL mode not specified. Defaults to ENCRYPTED_ONLY. 166 SSL_MODE_UNSPECIFIED = 0; 167 168 // SSL connections are optional. CA verification not enforced. 169 SSL_MODE_ALLOW = 1 [deprecated = true]; 170 171 // SSL connections are required. CA verification not enforced. 172 // Clients may use locally self-signed certificates (default psql client 173 // behavior). 174 SSL_MODE_REQUIRE = 2 [deprecated = true]; 175 176 // SSL connections are required. CA verification enforced. 177 // Clients must have certificates signed by a Cluster CA, e.g. via 178 // GenerateClientCertificate. 179 SSL_MODE_VERIFY_CA = 3 [deprecated = true]; 180 181 // SSL connections are optional. CA verification not enforced. 182 ALLOW_UNENCRYPTED_AND_ENCRYPTED = 4; 183 184 // SSL connections are required. CA verification not enforced. 185 ENCRYPTED_ONLY = 5; 186 } 187 188 // Certificate Authority (CA) source for SSL/TLS certificates. 189 enum CaSource { 190 // Certificate Authority (CA) source not specified. Defaults to 191 // CA_SOURCE_MANAGED. 192 CA_SOURCE_UNSPECIFIED = 0; 193 194 // Certificate Authority (CA) managed by the AlloyDB Cluster. 195 CA_SOURCE_MANAGED = 1; 196 } 197 198 // Optional. SSL mode. Specifies client-server SSL/TLS connection behavior. 199 SslMode ssl_mode = 1 [(google.api.field_behavior) = OPTIONAL]; 200 201 // Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is 202 // supported currently, and is the default value. 203 CaSource ca_source = 2 [(google.api.field_behavior) = OPTIONAL]; 204} 205 206// Message describing the user-specified automated backup policy. 207// 208// All fields in the automated backup policy are optional. Defaults for each 209// field are provided if they are not set. 210message AutomatedBackupPolicy { 211 // A weekly schedule starts a backup at prescribed start times within a 212 // day, for the specified days of the week. 213 // 214 // The weekly schedule message is flexible and can be used to create many 215 // types of schedules. For example, to have a daily backup that starts at 216 // 22:00, configure the `start_times` field to have one element "22:00" and 217 // the `days_of_week` field to have all seven days of the week. 218 message WeeklySchedule { 219 // The times during the day to start a backup. The start times are assumed 220 // to be in UTC and to be an exact hour (e.g., 04:00:00). 221 // 222 // If no start times are provided, a single fixed start time is chosen 223 // arbitrarily. 224 repeated google.type.TimeOfDay start_times = 1; 225 226 // The days of the week to perform a backup. 227 // 228 // If this field is left empty, the default of every day of the week is 229 // used. 230 repeated google.type.DayOfWeek days_of_week = 2; 231 } 232 233 // A time based retention policy specifies that all backups within a certain 234 // time period should be retained. 235 message TimeBasedRetention { 236 // The retention period. 237 google.protobuf.Duration retention_period = 1; 238 } 239 240 // A quantity based policy specifies that a certain number of the most recent 241 // successful backups should be retained. 242 message QuantityBasedRetention { 243 // The number of backups to retain. 244 int32 count = 1; 245 } 246 247 // The schedule for this automated backup policy. 248 // 249 // A schedule specifies times at which to start a backup. If a backup 250 // window is also provided, the backup is guaranteed to be started and 251 // completed within the start time plus the backup window. If the backup is 252 // not completed within the backup window it is marked as failed. 253 // 254 // If not set, the schedule defaults to a weekly schedule with one backup 255 // per day and a start time chosen arbitrarily. 256 oneof schedule { 257 // Weekly schedule for the Backup. 258 WeeklySchedule weekly_schedule = 2; 259 } 260 261 // The retention policy for automated backups. 262 // 263 // The retention policy for a backup is fixed at the time the backup is 264 // created. Changes to this field only apply to new backups taken with the 265 // policy; the retentions of existing backups remain unchanged. 266 // 267 // If no retention policy is set, a default of 14 days is used. 268 oneof retention { 269 // Time-based Backup retention policy. 270 TimeBasedRetention time_based_retention = 4; 271 272 // Quantity-based Backup retention policy to retain recent backups. 273 QuantityBasedRetention quantity_based_retention = 5; 274 } 275 276 // Whether automated automated backups are enabled. If not set, defaults to 277 // true. 278 optional bool enabled = 1; 279 280 // The length of the time window during which a backup can be 281 // taken. If a backup does not succeed within this time window, it will be 282 // canceled and considered failed. 283 // 284 // The backup window must be at least 5 minutes long. There is no upper bound 285 // on the window. If not set, it defaults to 1 hour. 286 google.protobuf.Duration backup_window = 3; 287 288 // Optional. The encryption config can be specified to encrypt the 289 // backups with a customer-managed encryption key (CMEK). When this field is 290 // not specified, the backup will then use default encryption scheme to 291 // protect the user data. 292 EncryptionConfig encryption_config = 8 293 [(google.api.field_behavior) = OPTIONAL]; 294 295 // The location where the backup will be stored. Currently, the only supported 296 // option is to store the backup in the same region as the cluster. 297 // 298 // If empty, defaults to the region of the cluster. 299 string location = 6; 300 301 // Labels to apply to backups created using this configuration. 302 map<string, string> labels = 7; 303} 304 305// ContinuousBackupConfig describes the continuous backups recovery 306// configurations of a cluster. 307message ContinuousBackupConfig { 308 // Whether ContinuousBackup is enabled. 309 optional bool enabled = 1; 310 311 // The number of days that are eligible to restore from using PITR. To support 312 // the entire recovery window, backups and logs are retained for one day more 313 // than the recovery window. If not set, defaults to 14 days. 314 int32 recovery_window_days = 4; 315 316 // The encryption config can be specified to encrypt the 317 // backups with a customer-managed encryption key (CMEK). When this field is 318 // not specified, the backup will then use default encryption scheme to 319 // protect the user data. 320 EncryptionConfig encryption_config = 3; 321} 322 323// ContinuousBackupInfo describes the continuous backup properties of a 324// cluster. 325message ContinuousBackupInfo { 326 // Output only. The encryption information for the WALs and backups required 327 // for ContinuousBackup. 328 EncryptionInfo encryption_info = 1 329 [(google.api.field_behavior) = OUTPUT_ONLY]; 330 331 // Output only. When ContinuousBackup was most recently enabled. Set to null 332 // if ContinuousBackup is not enabled. 333 google.protobuf.Timestamp enabled_time = 2 334 [(google.api.field_behavior) = OUTPUT_ONLY]; 335 336 // Output only. Days of the week on which a continuous backup is taken. Output 337 // only field. Ignored if passed into the request. 338 repeated google.type.DayOfWeek schedule = 3 339 [(google.api.field_behavior) = OUTPUT_ONLY]; 340 341 // Output only. The earliest restorable time that can be restored to. Output 342 // only field. 343 google.protobuf.Timestamp earliest_restorable_time = 4 344 [(google.api.field_behavior) = OUTPUT_ONLY]; 345} 346 347// Message describing a BackupSource. 348message BackupSource { 349 // Output only. The system-generated UID of the backup which was used to 350 // create this resource. The UID is generated when the backup is created, and 351 // it is retained until the backup is deleted. 352 string backup_uid = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 353 354 // Required. The name of the backup resource with the format: 355 // * projects/{project}/locations/{region}/backups/{backup_id} 356 string backup_name = 1 [ 357 (google.api.field_behavior) = REQUIRED, 358 (google.api.resource_reference) = { type: "alloydb.googleapis.com/Backup" } 359 ]; 360} 361 362// Message describing a ContinuousBackupSource. 363message ContinuousBackupSource { 364 // Required. The source cluster from which to restore. This cluster must have 365 // continuous backup enabled for this operation to succeed. For the required 366 // format, see the comment on the Cluster.name field. 367 string cluster = 1 [(google.api.field_behavior) = REQUIRED]; 368 369 // Required. The point in time to restore to. 370 google.protobuf.Timestamp point_in_time = 2 371 [(google.api.field_behavior) = REQUIRED]; 372} 373 374// A cluster is a collection of regional AlloyDB resources. It can include a 375// primary instance and one or more read pool instances. 376// All cluster resources share a storage layer, which scales as needed. 377message Cluster { 378 option (google.api.resource) = { 379 type: "alloydb.googleapis.com/Cluster" 380 pattern: "projects/{project}/locations/{location}/clusters/{cluster}" 381 style: DECLARATIVE_FRIENDLY 382 }; 383 384 // Metadata related to network configuration. 385 message NetworkConfig { 386 // Required. The resource link for the VPC network in which cluster 387 // resources are created and from which they are accessible via Private IP. 388 // The network must belong to the same project as the cluster. It is 389 // specified in the form: 390 // "projects/{project_number}/global/networks/{network_id}". This is 391 // required to create a cluster. 392 string network = 1 [ 393 (google.api.field_behavior) = REQUIRED, 394 (google.api.resource_reference) = { 395 type: "compute.googleapis.com/Network" 396 } 397 ]; 398 399 // Optional. Name of the allocated IP range for the private IP AlloyDB 400 // cluster, for example: "google-managed-services-default". If set, the 401 // instance IPs for this cluster will be created in the allocated range. The 402 // range name must comply with RFC 1035. Specifically, the name must be 1-63 403 // characters long and match the regular expression 404 // `[a-z]([-a-z0-9]*[a-z0-9])?`. 405 // Field name is intended to be consistent with Cloud SQL. 406 string allocated_ip_range = 2 [(google.api.field_behavior) = OPTIONAL]; 407 } 408 409 // Configuration information for the secondary cluster. This should be set 410 // if and only if the cluster is of type SECONDARY. 411 message SecondaryConfig { 412 // The name of the primary cluster name with the format: 413 // * projects/{project}/locations/{region}/clusters/{cluster_id} 414 string primary_cluster_name = 1; 415 } 416 417 // Configuration for the primary cluster. It has the list of clusters that are 418 // replicating from this cluster. This should be set if and only if the 419 // cluster is of type PRIMARY. 420 message PrimaryConfig { 421 // Output only. Names of the clusters that are replicating from this 422 // cluster. 423 repeated string secondary_cluster_names = 1 424 [(google.api.field_behavior) = OUTPUT_ONLY]; 425 } 426 427 // Cluster State 428 enum State { 429 // The state of the cluster is unknown. 430 STATE_UNSPECIFIED = 0; 431 432 // The cluster is active and running. 433 READY = 1; 434 435 // The cluster is stopped. All instances in the cluster are stopped. 436 // Customers can start a stopped cluster at any point and all their 437 // instances will come back to life with same names and IP resources. In 438 // this state, customer pays for storage. 439 // Associated backups could also be present in a stopped cluster. 440 STOPPED = 2; 441 442 // The cluster is empty and has no associated resources. 443 // All instances, associated storage and backups have been deleted. 444 EMPTY = 3; 445 446 // The cluster is being created. 447 CREATING = 4; 448 449 // The cluster is being deleted. 450 DELETING = 5; 451 452 // The creation of the cluster failed. 453 FAILED = 6; 454 455 // The cluster is bootstrapping with data from some other source. 456 // Direct mutations to the cluster (e.g. adding read pool) are not allowed. 457 BOOTSTRAPPING = 7; 458 459 // The cluster is under maintenance. AlloyDB regularly performs maintenance 460 // and upgrades on customer clusters. Updates on the cluster are 461 // not allowed while the cluster is in this state. 462 MAINTENANCE = 8; 463 464 // The cluster is being promoted. 465 PROMOTING = 9; 466 } 467 468 // Type of Cluster 469 enum ClusterType { 470 // The type of the cluster is unknown. 471 CLUSTER_TYPE_UNSPECIFIED = 0; 472 473 // Primary cluster that support read and write operations. 474 PRIMARY = 1; 475 476 // Secondary cluster that is replicating from another region. 477 // This only supports read. 478 SECONDARY = 2; 479 } 480 481 // In case of an imported cluster, this field contains information about the 482 // source this cluster was imported from. 483 oneof source { 484 // Output only. Cluster created from backup. 485 BackupSource backup_source = 15 [(google.api.field_behavior) = OUTPUT_ONLY]; 486 487 // Output only. Cluster created via DMS migration. 488 MigrationSource migration_source = 16 489 [(google.api.field_behavior) = OUTPUT_ONLY]; 490 } 491 492 // Output only. The name of the cluster resource with the format: 493 // * projects/{project}/locations/{region}/clusters/{cluster_id} 494 // where the cluster ID segment should satisfy the regex expression 495 // `[a-z0-9-]+`. For more details see https://google.aip.dev/122. 496 // The prefix of the cluster resource name is the name of the parent resource: 497 // * projects/{project}/locations/{region} 498 string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 499 500 // User-settable and human-readable display name for the Cluster. 501 string display_name = 2; 502 503 // Output only. The system-generated UID of the resource. The UID is assigned 504 // when the resource is created, and it is retained until it is deleted. 505 string uid = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 506 507 // Output only. Create time stamp 508 google.protobuf.Timestamp create_time = 4 509 [(google.api.field_behavior) = OUTPUT_ONLY]; 510 511 // Output only. Update time stamp 512 google.protobuf.Timestamp update_time = 5 513 [(google.api.field_behavior) = OUTPUT_ONLY]; 514 515 // Output only. Delete time stamp 516 google.protobuf.Timestamp delete_time = 6 517 [(google.api.field_behavior) = OUTPUT_ONLY]; 518 519 // Labels as key value pairs 520 map<string, string> labels = 7; 521 522 // Output only. The current serving state of the cluster. 523 State state = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; 524 525 // Output only. The type of the cluster. This is an output-only field and it's 526 // populated at the Cluster creation time or the Cluster promotion 527 // time. The cluster type is determined by which RPC was used to create 528 // the cluster (i.e. `CreateCluster` vs. `CreateSecondaryCluster` 529 ClusterType cluster_type = 24 [(google.api.field_behavior) = OUTPUT_ONLY]; 530 531 // Optional. The database engine major version. This is an optional field and 532 // it is populated at the Cluster creation time. If a database version is not 533 // supplied at cluster creation time, then a default database version will 534 // be used. 535 DatabaseVersion database_version = 9 [(google.api.field_behavior) = OPTIONAL]; 536 537 NetworkConfig network_config = 29 [(google.api.field_behavior) = OPTIONAL]; 538 539 // Required. The resource link for the VPC network in which cluster resources 540 // are created and from which they are accessible via Private IP. The network 541 // must belong to the same project as the cluster. It is specified in the 542 // form: "projects/{project}/global/networks/{network_id}". This is required 543 // to create a cluster. Deprecated, use network_config.network instead. 544 string network = 10 [ 545 deprecated = true, 546 (google.api.field_behavior) = REQUIRED, 547 (google.api.resource_reference) = { type: "compute.googleapis.com/Network" } 548 ]; 549 550 // For Resource freshness validation (https://google.aip.dev/154) 551 string etag = 11; 552 553 // Annotations to allow client tools to store small amount of arbitrary data. 554 // This is distinct from labels. 555 // https://google.aip.dev/128 556 map<string, string> annotations = 12; 557 558 // Output only. Reconciling (https://google.aip.dev/128#reconciliation). 559 // Set to true if the current state of Cluster does not match the user's 560 // intended state, and the service is actively updating the resource to 561 // reconcile them. This can happen due to user-triggered updates or 562 // system actions like failover or maintenance. 563 bool reconciling = 13 [(google.api.field_behavior) = OUTPUT_ONLY]; 564 565 // Input only. Initial user to setup during cluster creation. Required. 566 // If used in `RestoreCluster` this is ignored. 567 UserPassword initial_user = 14 [(google.api.field_behavior) = INPUT_ONLY]; 568 569 // The automated backup policy for this cluster. 570 // 571 // If no policy is provided then the default policy will be used. If backups 572 // are supported for the cluster, the default policy takes one backup a day, 573 // has a backup window of 1 hour, and retains backups for 14 days. 574 // For more information on the defaults, consult the 575 // documentation for the message type. 576 AutomatedBackupPolicy automated_backup_policy = 17; 577 578 // SSL configuration for this AlloyDB cluster. 579 SslConfig ssl_config = 18 [deprecated = true]; 580 581 // Optional. The encryption config can be specified to encrypt the data disks 582 // and other persistent data resources of a cluster with a 583 // customer-managed encryption key (CMEK). When this field is not 584 // specified, the cluster will then use default encryption scheme to 585 // protect the user data. 586 EncryptionConfig encryption_config = 19 587 [(google.api.field_behavior) = OPTIONAL]; 588 589 // Output only. The encryption information for the cluster. 590 EncryptionInfo encryption_info = 20 591 [(google.api.field_behavior) = OUTPUT_ONLY]; 592 593 // Optional. Continuous backup configuration for this cluster. 594 ContinuousBackupConfig continuous_backup_config = 27 595 [(google.api.field_behavior) = OPTIONAL]; 596 597 // Output only. Continuous backup properties for this cluster. 598 ContinuousBackupInfo continuous_backup_info = 28 599 [(google.api.field_behavior) = OUTPUT_ONLY]; 600 601 // Cross Region replication config specific to SECONDARY cluster. 602 SecondaryConfig secondary_config = 22; 603 604 // Output only. Cross Region replication config specific to PRIMARY cluster. 605 PrimaryConfig primary_config = 23 [(google.api.field_behavior) = OUTPUT_ONLY]; 606} 607 608// An Instance is a computing unit that an end customer can connect to. 609// It's the main unit of computing resources in AlloyDB. 610message Instance { 611 option (google.api.resource) = { 612 type: "alloydb.googleapis.com/Instance" 613 pattern: "projects/{project}/locations/{location}/clusters/{cluster}/instances/{instance}" 614 style: DECLARATIVE_FRIENDLY 615 }; 616 617 // MachineConfig describes the configuration of a machine. 618 message MachineConfig { 619 // The number of CPU's in the VM instance. 620 int32 cpu_count = 1; 621 } 622 623 // Details of a single node in the instance. 624 // Nodes in an AlloyDB instance are ephemereal, they can change during 625 // update, failover, autohealing and resize operations. 626 message Node { 627 // The Compute Engine zone of the VM e.g. "us-central1-b". 628 string zone_id = 1; 629 630 // The identifier of the VM e.g. "test-read-0601-407e52be-ms3l". 631 string id = 2; 632 633 // The private IP address of the VM e.g. "10.57.0.34". 634 string ip = 3; 635 636 // Determined by state of the compute VM and postgres-service health. 637 // Compute VM state can have values listed in 638 // https://cloud.google.com/compute/docs/instances/instance-life-cycle and 639 // postgres-service health can have values: HEALTHY and UNHEALTHY. 640 string state = 4; 641 } 642 643 // QueryInsights Instance specific configuration. 644 message QueryInsightsInstanceConfig { 645 // Record application tags for an instance. 646 // This flag is turned "on" by default. 647 optional bool record_application_tags = 2; 648 649 // Record client address for an instance. Client address is PII information. 650 // This flag is turned "on" by default. 651 optional bool record_client_address = 3; 652 653 // Query string length. The default value is 1024. 654 // Any integer between 256 and 4500 is considered valid. 655 uint32 query_string_length = 4; 656 657 // Number of query execution plans captured by Insights per minute 658 // for all queries combined. The default value is 5. 659 // Any integer between 0 and 20 is considered valid. 660 optional uint32 query_plans_per_minute = 5; 661 } 662 663 // Configuration for a read pool instance. 664 message ReadPoolConfig { 665 // Read capacity, i.e. number of nodes in a read pool instance. 666 int32 node_count = 1; 667 } 668 669 // Client connection configuration 670 message ClientConnectionConfig { 671 // Optional. Configuration to enforce connectors only (ex: AuthProxy) 672 // connections to the database. 673 bool require_connectors = 1 [(google.api.field_behavior) = OPTIONAL]; 674 675 // Optional. SSL config option for this instance. 676 SslConfig ssl_config = 2 [(google.api.field_behavior) = OPTIONAL]; 677 } 678 679 // Instance State 680 enum State { 681 // The state of the instance is unknown. 682 STATE_UNSPECIFIED = 0; 683 684 // The instance is active and running. 685 READY = 1; 686 687 // The instance is stopped. Instance name and IP resources are preserved. 688 STOPPED = 2; 689 690 // The instance is being created. 691 CREATING = 3; 692 693 // The instance is being deleted. 694 DELETING = 4; 695 696 // The instance is down for maintenance. 697 MAINTENANCE = 5; 698 699 // The creation of the instance failed or a fatal error occurred during 700 // an operation on the instance. 701 // Note: Instances in this state would tried to be auto-repaired. And 702 // Customers should be able to restart, update or delete these instances. 703 FAILED = 6; 704 705 // Index 7 is used in the producer apis for ROLLED_BACK state. Keeping that 706 // index unused in case that state also needs to exposed via consumer apis 707 // in future. 708 // The instance has been configured to sync data from some other source. 709 BOOTSTRAPPING = 8; 710 711 // The instance is being promoted. 712 PROMOTING = 9; 713 } 714 715 // Type of an Instance 716 enum InstanceType { 717 // The type of the instance is unknown. 718 INSTANCE_TYPE_UNSPECIFIED = 0; 719 720 // PRIMARY instances support read and write operations. 721 PRIMARY = 1; 722 723 // READ POOL instances support read operations only. Each read pool instance 724 // consists of one or more homogeneous nodes. 725 // * Read pool of size 1 can only have zonal availability. 726 // * Read pools with node count of 2 or more can have regional 727 // availability (nodes are present in 2 or more zones in a region). 728 READ_POOL = 2; 729 730 // SECONDARY instances support read operations only. SECONDARY instance 731 // is a cross-region read replica 732 SECONDARY = 3; 733 } 734 735 // The Availability type of an instance. Potential values: 736 // 737 // - ZONAL: The instance serves data from only one zone. Outages in that 738 // zone affect instance availability. 739 // - REGIONAL: The instance can serve data from more than one zone in a 740 // region (it is highly available). 741 enum AvailabilityType { 742 // This is an unknown Availability type. 743 AVAILABILITY_TYPE_UNSPECIFIED = 0; 744 745 // Zonal available instance. 746 ZONAL = 1; 747 748 // Regional (or Highly) available instance. 749 REGIONAL = 2; 750 } 751 752 // Output only. The name of the instance resource with the format: 753 // * projects/{project}/locations/{region}/clusters/{cluster_id}/instances/{instance_id} 754 // where the cluster and instance ID segments should satisfy the regex 755 // expression `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`, e.g. 1-63 characters of 756 // lowercase letters, numbers, and dashes, starting with a letter, and ending 757 // with a letter or number. For more details see https://google.aip.dev/122. 758 // The prefix of the instance resource name is the name of the parent 759 // resource: 760 // * projects/{project}/locations/{region}/clusters/{cluster_id} 761 string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 762 763 // User-settable and human-readable display name for the Instance. 764 string display_name = 2; 765 766 // Output only. The system-generated UID of the resource. The UID is assigned 767 // when the resource is created, and it is retained until it is deleted. 768 string uid = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 769 770 // Output only. Create time stamp 771 google.protobuf.Timestamp create_time = 4 772 [(google.api.field_behavior) = OUTPUT_ONLY]; 773 774 // Output only. Update time stamp 775 google.protobuf.Timestamp update_time = 5 776 [(google.api.field_behavior) = OUTPUT_ONLY]; 777 778 // Output only. Delete time stamp 779 google.protobuf.Timestamp delete_time = 6 780 [(google.api.field_behavior) = OUTPUT_ONLY]; 781 782 // Labels as key value pairs 783 map<string, string> labels = 7; 784 785 // Output only. The current serving state of the instance. 786 State state = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; 787 788 // Required. The type of the instance. Specified at creation time. 789 InstanceType instance_type = 9 [(google.api.field_behavior) = REQUIRED]; 790 791 // Configurations for the machines that host the underlying 792 // database engine. 793 MachineConfig machine_config = 10; 794 795 // Availability type of an Instance. 796 // If empty, defaults to REGIONAL for primary instances. 797 // For read pools, availability_type is always UNSPECIFIED. Instances in the 798 // read pools are evenly distributed across available zones within the region 799 // (i.e. read pools with more than one node will have a node in at 800 // least two zones). 801 AvailabilityType availability_type = 11; 802 803 // The Compute Engine zone that the instance should serve from, per 804 // https://cloud.google.com/compute/docs/regions-zones 805 // This can ONLY be specified for ZONAL instances. 806 // If present for a REGIONAL instance, an error will be thrown. 807 // If this is absent for a ZONAL instance, instance is created in a random 808 // zone with available capacity. 809 string gce_zone = 12; 810 811 // Database flags. Set at instance level. 812 // * They are copied from primary instance on read instance creation. 813 // * Read instances can set new or override existing flags that are relevant 814 // for reads, e.g. for enabling columnar cache on a read instance. Flags 815 // set on read instance may or may not be present on primary. 816 // 817 // 818 // This is a list of "key": "value" pairs. 819 // "key": The name of the flag. These flags are passed at instance setup time, 820 // so include both server options and system variables for Postgres. Flags are 821 // specified with underscores, not hyphens. 822 // "value": The value of the flag. Booleans are set to **on** for true 823 // and **off** for false. This field must be omitted if the flag 824 // doesn't take a value. 825 map<string, string> database_flags = 13; 826 827 // Output only. This is set for the read-write VM of the PRIMARY instance 828 // only. 829 Node writable_node = 19 [(google.api.field_behavior) = OUTPUT_ONLY]; 830 831 // Output only. List of available read-only VMs in this instance, including 832 // the standby for a PRIMARY instance. 833 repeated Node nodes = 20 [(google.api.field_behavior) = OUTPUT_ONLY]; 834 835 // Configuration for query insights. 836 QueryInsightsInstanceConfig query_insights_config = 21; 837 838 // Read pool instance configuration. 839 // This is required if the value of instanceType is READ_POOL. 840 ReadPoolConfig read_pool_config = 14; 841 842 // Output only. The IP address for the Instance. 843 // This is the connection endpoint for an end-user application. 844 string ip_address = 15 [(google.api.field_behavior) = OUTPUT_ONLY]; 845 846 // Output only. Reconciling (https://google.aip.dev/128#reconciliation). 847 // Set to true if the current state of Instance does not match the user's 848 // intended state, and the service is actively updating the resource to 849 // reconcile them. This can happen due to user-triggered updates or 850 // system actions like failover or maintenance. 851 bool reconciling = 16 [(google.api.field_behavior) = OUTPUT_ONLY]; 852 853 // For Resource freshness validation (https://google.aip.dev/154) 854 string etag = 17; 855 856 // Annotations to allow client tools to store small amount of arbitrary data. 857 // This is distinct from labels. 858 // https://google.aip.dev/128 859 map<string, string> annotations = 18; 860 861 // Optional. Client connection specific configurations 862 ClientConnectionConfig client_connection_config = 23 863 [(google.api.field_behavior) = OPTIONAL]; 864} 865 866// ConnectionInfo singleton resource. 867// https://google.aip.dev/156 868message ConnectionInfo { 869 option (google.api.resource) = { 870 type: "alloydb.googleapis.com/ConnectionInfo" 871 pattern: "projects/{project}/locations/{location}/clusters/{cluster}/instances/{instance}/connectionInfo" 872 }; 873 874 // The name of the ConnectionInfo singleton resource, e.g.: 875 // projects/{project}/locations/{location}/clusters/*/instances/*/connectionInfo 876 // This field currently has no semantic meaning. 877 string name = 1; 878 879 // Output only. The private network IP address for the Instance. This is the 880 // default IP for the instance and is always created (even if enable_public_ip 881 // is set). This is the connection endpoint for an end-user application. 882 string ip_address = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 883 884 // Output only. The unique ID of the Instance. 885 string instance_uid = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 886} 887 888// Message describing Backup object 889message Backup { 890 option (google.api.resource) = { 891 type: "alloydb.googleapis.com/Backup" 892 pattern: "projects/{project}/locations/{location}/backups/{backup}" 893 style: DECLARATIVE_FRIENDLY 894 }; 895 896 // A backup's position in a quantity-based retention queue, of backups with 897 // the same source cluster and type, with length, retention, specified by the 898 // backup's retention policy. 899 // Once the position is greater than the retention, the backup is eligible to 900 // be garbage collected. 901 // 902 // Example: 5 backups from the same source cluster and type with a 903 // quantity-based retention of 3 and denoted by backup_id (position, 904 // retention). 905 // 906 // Safe: backup_5 (1, 3), backup_4, (2, 3), backup_3 (3, 3). 907 // Awaiting garbage collection: backup_2 (4, 3), backup_1 (5, 3) 908 message QuantityBasedExpiry { 909 // Output only. The backup's position among its backups with the same source 910 // cluster and type, by descending chronological order create time(i.e. 911 // newest first). 912 int32 retention_count = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 913 914 // Output only. The length of the quantity-based queue, specified by the 915 // backup's retention policy. 916 int32 total_retention_count = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 917 } 918 919 // Backup State 920 enum State { 921 // The state of the backup is unknown. 922 STATE_UNSPECIFIED = 0; 923 924 // The backup is ready. 925 READY = 1; 926 927 // The backup is creating. 928 CREATING = 2; 929 930 // The backup failed. 931 FAILED = 3; 932 933 // The backup is being deleted. 934 DELETING = 4; 935 } 936 937 // Backup Type 938 enum Type { 939 // Backup Type is unknown. 940 TYPE_UNSPECIFIED = 0; 941 942 // ON_DEMAND backups that were triggered by the customer (e.g., not 943 // AUTOMATED). 944 ON_DEMAND = 1; 945 946 // AUTOMATED backups triggered by the automated backups scheduler pursuant 947 // to an automated backup policy. 948 AUTOMATED = 2; 949 950 // CONTINUOUS backups triggered by the automated backups scheduler 951 // due to a continuous backup policy. 952 CONTINUOUS = 3; 953 } 954 955 // Output only. The name of the backup resource with the format: 956 // * projects/{project}/locations/{region}/backups/{backup_id} 957 // where the cluster and backup ID segments should satisfy the regex 958 // expression `[a-z]([a-z0-9-]{0,61}[a-z0-9])?`, e.g. 1-63 characters of 959 // lowercase letters, numbers, and dashes, starting with a letter, and ending 960 // with a letter or number. For more details see https://google.aip.dev/122. 961 // The prefix of the backup resource name is the name of the parent 962 // resource: 963 // * projects/{project}/locations/{region} 964 string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 965 966 // User-settable and human-readable display name for the Backup. 967 string display_name = 2; 968 969 // Output only. The system-generated UID of the resource. The UID is assigned 970 // when the resource is created, and it is retained until it is deleted. 971 string uid = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 972 973 // Output only. Create time stamp 974 google.protobuf.Timestamp create_time = 4 975 [(google.api.field_behavior) = OUTPUT_ONLY]; 976 977 // Output only. Update time stamp 978 google.protobuf.Timestamp update_time = 5 979 [(google.api.field_behavior) = OUTPUT_ONLY]; 980 981 // Output only. Delete time stamp 982 google.protobuf.Timestamp delete_time = 15 983 [(google.api.field_behavior) = OUTPUT_ONLY]; 984 985 // Labels as key value pairs 986 map<string, string> labels = 6; 987 988 // Output only. The current state of the backup. 989 State state = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; 990 991 // The backup type, which suggests the trigger for the backup. 992 Type type = 8; 993 994 // User-provided description of the backup. 995 string description = 9; 996 997 // Output only. The system-generated UID of the cluster which was used to 998 // create this resource. 999 string cluster_uid = 18 [(google.api.field_behavior) = OUTPUT_ONLY]; 1000 1001 // Required. The full resource name of the backup source cluster 1002 // (e.g., projects/{project}/locations/{region}/clusters/{cluster_id}). 1003 string cluster_name = 10 [ 1004 (google.api.field_behavior) = REQUIRED, 1005 (google.api.resource_reference) = { type: "alloydb.googleapis.com/Cluster" } 1006 ]; 1007 1008 // Output only. Reconciling (https://google.aip.dev/128#reconciliation), if 1009 // true, indicates that the service is actively updating the resource. This 1010 // can happen due to user-triggered updates or system actions like failover or 1011 // maintenance. 1012 bool reconciling = 11 [(google.api.field_behavior) = OUTPUT_ONLY]; 1013 1014 // Optional. The encryption config can be specified to encrypt the 1015 // backup with a customer-managed encryption key (CMEK). When this field is 1016 // not specified, the backup will then use default encryption scheme to 1017 // protect the user data. 1018 EncryptionConfig encryption_config = 12 1019 [(google.api.field_behavior) = OPTIONAL]; 1020 1021 // Output only. The encryption information for the backup. 1022 EncryptionInfo encryption_info = 13 1023 [(google.api.field_behavior) = OUTPUT_ONLY]; 1024 1025 // For Resource freshness validation (https://google.aip.dev/154) 1026 string etag = 14; 1027 1028 // Annotations to allow client tools to store small amount of arbitrary data. 1029 // This is distinct from labels. 1030 // https://google.aip.dev/128 1031 map<string, string> annotations = 16; 1032 1033 // Output only. The size of the backup in bytes. 1034 int64 size_bytes = 17 [(google.api.field_behavior) = OUTPUT_ONLY]; 1035 1036 // Output only. The time at which after the backup is eligible to be garbage 1037 // collected. It is the duration specified by the backup's retention policy, 1038 // added to the backup's create_time. 1039 google.protobuf.Timestamp expiry_time = 19 1040 [(google.api.field_behavior) = OUTPUT_ONLY]; 1041 1042 // Output only. The QuantityBasedExpiry of the backup, specified by the 1043 // backup's retention policy. Once the expiry quantity is over retention, the 1044 // backup is eligible to be garbage collected. 1045 QuantityBasedExpiry expiry_quantity = 20 1046 [(google.api.field_behavior) = OUTPUT_ONLY]; 1047 1048 // Output only. The database engine major version of the cluster this backup 1049 // was created from. Any restored cluster created from this backup will have 1050 // the same database version. 1051 DatabaseVersion database_version = 22 1052 [(google.api.field_behavior) = OUTPUT_ONLY]; 1053} 1054 1055// SupportedDatabaseFlag gives general information about a database flag, 1056// like type and allowed values. This is a static value that is defined 1057// on the server side, and it cannot be modified by callers. 1058// To set the Database flags on a particular Instance, a caller should modify 1059// the Instance.database_flags field. 1060message SupportedDatabaseFlag { 1061 option (google.api.resource) = { 1062 type: "alloydb.googleapis.com/SupportedDatabaseFlag" 1063 pattern: "projects/{project}/locations/{location}/flags/{flag}" 1064 }; 1065 1066 // Restrictions on STRING type values 1067 message StringRestrictions { 1068 // The list of allowed values, if bounded. This field will be empty 1069 // if there is a unbounded number of allowed values. 1070 repeated string allowed_values = 1; 1071 } 1072 1073 // Restrictions on INTEGER type values. 1074 message IntegerRestrictions { 1075 // The minimum value that can be specified, if applicable. 1076 google.protobuf.Int64Value min_value = 1; 1077 1078 // The maximum value that can be specified, if applicable. 1079 google.protobuf.Int64Value max_value = 2; 1080 } 1081 1082 // ValueType describes the semantic type of the value that the flag accepts. 1083 // Regardless of the ValueType, the Instance.database_flags field accepts the 1084 // stringified version of the value, i.e. "20" or "3.14". 1085 enum ValueType { 1086 // This is an unknown flag type. 1087 VALUE_TYPE_UNSPECIFIED = 0; 1088 1089 // String type flag. 1090 STRING = 1; 1091 1092 // Integer type flag. 1093 INTEGER = 2; 1094 1095 // Float type flag. 1096 FLOAT = 3; 1097 1098 // Denotes that the flag does not accept any values. 1099 NONE = 4; 1100 } 1101 1102 // The restrictions on the flag value per type. 1103 oneof restrictions { 1104 // Restriction on STRING type value. 1105 StringRestrictions string_restrictions = 7; 1106 1107 // Restriction on INTEGER type value. 1108 IntegerRestrictions integer_restrictions = 8; 1109 } 1110 1111 // The name of the flag resource, following Google Cloud conventions, e.g.: 1112 // * projects/{project}/locations/{location}/flags/{flag} 1113 // This field currently has no semantic meaning. 1114 string name = 1; 1115 1116 // The name of the database flag, e.g. "max_allowed_packets". 1117 // The is a possibly key for the Instance.database_flags map field. 1118 string flag_name = 2; 1119 1120 ValueType value_type = 3; 1121 1122 // Whether the database flag accepts multiple values. If true, 1123 // a comma-separated list of stringified values may be specified. 1124 bool accepts_multiple_values = 4; 1125 1126 // Major database engine versions for which this flag is supported. 1127 repeated DatabaseVersion supported_db_versions = 5; 1128 1129 // Whether setting or updating this flag on an Instance requires a database 1130 // restart. If a flag that requires database restart is set, the backend 1131 // will automatically restart the database (making sure to satisfy any 1132 // availability SLO's). 1133 bool requires_db_restart = 6; 1134} 1135 1136// Message describing User object. 1137message User { 1138 option (google.api.resource) = { 1139 type: "alloydb.googleapis.com/User" 1140 pattern: "projects/{project}/locations/{location}/clusters/{cluster}/users/{user}" 1141 style: DECLARATIVE_FRIENDLY 1142 }; 1143 1144 // Enum that details the user type. 1145 enum UserType { 1146 // Unspecified user type. 1147 USER_TYPE_UNSPECIFIED = 0; 1148 1149 // The default user type that authenticates via password-based 1150 // authentication. 1151 ALLOYDB_BUILT_IN = 1; 1152 1153 // Database user that can authenticate via IAM-Based authentication. 1154 ALLOYDB_IAM_USER = 2; 1155 } 1156 1157 // Output only. Name of the resource in the form of 1158 // projects/{project}/locations/{location}/cluster/{cluster}/users/{user}. 1159 string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 1160 1161 // Input only. Password for the user. 1162 string password = 2 [(google.api.field_behavior) = INPUT_ONLY]; 1163 1164 // Optional. List of database roles this user has. 1165 // The database role strings are subject to the PostgreSQL naming conventions. 1166 repeated string database_roles = 4 [(google.api.field_behavior) = OPTIONAL]; 1167 1168 // Optional. Type of this user. 1169 UserType user_type = 5 [(google.api.field_behavior) = OPTIONAL]; 1170} 1171