xref: /aosp_15_r20/external/googleapis/google/cloud/gkemulticloud/v1/aws_service.proto (revision d5c09012810ac0c9f33fe448fb6da8260d444cc9) 
1// Copyright 2023 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15syntax = "proto3";
16
17package google.cloud.gkemulticloud.v1;
18
19import "google/api/annotations.proto";
20import "google/api/client.proto";
21import "google/api/field_behavior.proto";
22import "google/api/resource.proto";
23import "google/cloud/gkemulticloud/v1/aws_resources.proto";
24import "google/cloud/gkemulticloud/v1/common_resources.proto";
25import "google/longrunning/operations.proto";
26import "google/protobuf/empty.proto";
27import "google/protobuf/field_mask.proto";
28import "google/protobuf/timestamp.proto";
29
30option csharp_namespace = "Google.Cloud.GkeMultiCloud.V1";
31option go_package = "cloud.google.com/go/gkemulticloud/apiv1/gkemulticloudpb;gkemulticloudpb";
32option java_multiple_files = true;
33option java_outer_classname = "AwsServiceProto";
34option java_package = "com.google.cloud.gkemulticloud.v1";
35option php_namespace = "Google\\Cloud\\GkeMultiCloud\\V1";
36option ruby_package = "Google::Cloud::GkeMultiCloud::V1";
37
38// The AwsClusters API provides a single centrally managed service
39// to create and manage Anthos clusters that run on AWS infrastructure.
40service AwsClusters {
41  option (google.api.default_host) = "gkemulticloud.googleapis.com";
42  option (google.api.oauth_scopes) =
43      "https://www.googleapis.com/auth/cloud-platform";
44
45  // Creates a new [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster]
46  // resource on a given Google Cloud Platform project and region.
47  //
48  // If successful, the response contains a newly created
49  // [Operation][google.longrunning.Operation] resource that can be
50  // described to track the status of the operation.
51  rpc CreateAwsCluster(CreateAwsClusterRequest)
52      returns (google.longrunning.Operation) {
53    option (google.api.http) = {
54      post: "/v1/{parent=projects/*/locations/*}/awsClusters"
55      body: "aws_cluster"
56    };
57    option (google.api.method_signature) = "parent,aws_cluster,aws_cluster_id";
58    option (google.longrunning.operation_info) = {
59      response_type: "AwsCluster"
60      metadata_type: "OperationMetadata"
61    };
62  }
63
64  // Updates an [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster].
65  rpc UpdateAwsCluster(UpdateAwsClusterRequest)
66      returns (google.longrunning.Operation) {
67    option (google.api.http) = {
68      patch: "/v1/{aws_cluster.name=projects/*/locations/*/awsClusters/*}"
69      body: "aws_cluster"
70    };
71    option (google.api.method_signature) = "aws_cluster,update_mask";
72    option (google.longrunning.operation_info) = {
73      response_type: "AwsCluster"
74      metadata_type: "OperationMetadata"
75    };
76  }
77
78  // Describes a specific [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster]
79  // resource.
80  rpc GetAwsCluster(GetAwsClusterRequest) returns (AwsCluster) {
81    option (google.api.http) = {
82      get: "/v1/{name=projects/*/locations/*/awsClusters/*}"
83    };
84    option (google.api.method_signature) = "name";
85  }
86
87  // Lists all [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resources
88  // on a given Google Cloud project and region.
89  rpc ListAwsClusters(ListAwsClustersRequest)
90      returns (ListAwsClustersResponse) {
91    option (google.api.http) = {
92      get: "/v1/{parent=projects/*/locations/*}/awsClusters"
93    };
94    option (google.api.method_signature) = "parent";
95  }
96
97  // Deletes a specific [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster]
98  // resource.
99  //
100  // Fails if the cluster has one or more associated
101  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] resources.
102  //
103  // If successful, the response contains a newly created
104  // [Operation][google.longrunning.Operation] resource that can be
105  // described to track the status of the operation.
106  rpc DeleteAwsCluster(DeleteAwsClusterRequest)
107      returns (google.longrunning.Operation) {
108    option (google.api.http) = {
109      delete: "/v1/{name=projects/*/locations/*/awsClusters/*}"
110    };
111    option (google.api.method_signature) = "name";
112    option (google.longrunning.operation_info) = {
113      response_type: "google.protobuf.Empty"
114      metadata_type: "OperationMetadata"
115    };
116  }
117
118  // Generates an access token for a cluster agent.
119  rpc GenerateAwsClusterAgentToken(GenerateAwsClusterAgentTokenRequest)
120      returns (GenerateAwsClusterAgentTokenResponse) {
121    option (google.api.http) = {
122      post: "/v1/{aws_cluster=projects/*/locations/*/awsClusters/*}:generateAwsClusterAgentToken"
123      body: "*"
124    };
125  }
126
127  // Generates a short-lived access token to authenticate to a given
128  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resource.
129  rpc GenerateAwsAccessToken(GenerateAwsAccessTokenRequest)
130      returns (GenerateAwsAccessTokenResponse) {
131    option (google.api.http) = {
132      get: "/v1/{aws_cluster=projects/*/locations/*/awsClusters/*}:generateAwsAccessToken"
133    };
134  }
135
136  // Creates a new [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool],
137  // attached to a given [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster].
138  //
139  // If successful, the response contains a newly created
140  // [Operation][google.longrunning.Operation] resource that can be
141  // described to track the status of the operation.
142  rpc CreateAwsNodePool(CreateAwsNodePoolRequest)
143      returns (google.longrunning.Operation) {
144    option (google.api.http) = {
145      post: "/v1/{parent=projects/*/locations/*/awsClusters/*}/awsNodePools"
146      body: "aws_node_pool"
147    };
148    option (google.api.method_signature) =
149        "parent,aws_node_pool,aws_node_pool_id";
150    option (google.longrunning.operation_info) = {
151      response_type: "AwsNodePool"
152      metadata_type: "OperationMetadata"
153    };
154  }
155
156  // Updates an [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool].
157  rpc UpdateAwsNodePool(UpdateAwsNodePoolRequest)
158      returns (google.longrunning.Operation) {
159    option (google.api.http) = {
160      patch: "/v1/{aws_node_pool.name=projects/*/locations/*/awsClusters/*/awsNodePools/*}"
161      body: "aws_node_pool"
162    };
163    option (google.api.method_signature) = "aws_node_pool,update_mask";
164    option (google.longrunning.operation_info) = {
165      response_type: "AwsNodePool"
166      metadata_type: "OperationMetadata"
167    };
168  }
169
170  // Rolls back a previously aborted or failed
171  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] update request.
172  // Makes no changes if the last update request successfully finished.
173  // If an update request is in progress, you cannot rollback the update.
174  // You must first cancel or let it finish unsuccessfully before you can
175  // rollback.
176  rpc RollbackAwsNodePoolUpdate(RollbackAwsNodePoolUpdateRequest)
177      returns (google.longrunning.Operation) {
178    option (google.api.http) = {
179      post: "/v1/{name=projects/*/locations/*/awsClusters/*/awsNodePools/*}:rollback"
180      body: "*"
181    };
182    option (google.api.method_signature) = "name";
183    option (google.longrunning.operation_info) = {
184      response_type: "AwsNodePool"
185      metadata_type: "OperationMetadata"
186    };
187  }
188
189  // Describes a specific
190  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] resource.
191  rpc GetAwsNodePool(GetAwsNodePoolRequest) returns (AwsNodePool) {
192    option (google.api.http) = {
193      get: "/v1/{name=projects/*/locations/*/awsClusters/*/awsNodePools/*}"
194    };
195    option (google.api.method_signature) = "name";
196  }
197
198  // Lists all [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool]
199  // resources on a given
200  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster].
201  rpc ListAwsNodePools(ListAwsNodePoolsRequest)
202      returns (ListAwsNodePoolsResponse) {
203    option (google.api.http) = {
204      get: "/v1/{parent=projects/*/locations/*/awsClusters/*}/awsNodePools"
205    };
206    option (google.api.method_signature) = "parent";
207  }
208
209  // Deletes a specific [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool]
210  // resource.
211  //
212  // If successful, the response contains a newly created
213  // [Operation][google.longrunning.Operation] resource that can be
214  // described to track the status of the operation.
215  rpc DeleteAwsNodePool(DeleteAwsNodePoolRequest)
216      returns (google.longrunning.Operation) {
217    option (google.api.http) = {
218      delete: "/v1/{name=projects/*/locations/*/awsClusters/*/awsNodePools/*}"
219    };
220    option (google.api.method_signature) = "name";
221    option (google.longrunning.operation_info) = {
222      response_type: "google.protobuf.Empty"
223      metadata_type: "OperationMetadata"
224    };
225  }
226
227  // Gets the OIDC discovery document for the cluster.
228  // See the
229  // [OpenID Connect Discovery 1.0
230  // specification](https://openid.net/specs/openid-connect-discovery-1_0.html)
231  // for details.
232  rpc GetAwsOpenIdConfig(GetAwsOpenIdConfigRequest) returns (AwsOpenIdConfig) {
233    option (google.api.http) = {
234      get: "/v1/{aws_cluster=projects/*/locations/*/awsClusters/*}/.well-known/openid-configuration"
235    };
236  }
237
238  // Gets the public component of the cluster signing keys in
239  // JSON Web Key format.
240  rpc GetAwsJsonWebKeys(GetAwsJsonWebKeysRequest) returns (AwsJsonWebKeys) {
241    option (google.api.http) = {
242      get: "/v1/{aws_cluster=projects/*/locations/*/awsClusters/*}/jwks"
243    };
244  }
245
246  // Returns information, such as supported AWS regions and Kubernetes
247  // versions, on a given Google Cloud location.
248  rpc GetAwsServerConfig(GetAwsServerConfigRequest) returns (AwsServerConfig) {
249    option (google.api.http) = {
250      get: "/v1/{name=projects/*/locations/*/awsServerConfig}"
251    };
252    option (google.api.method_signature) = "name";
253  }
254}
255
256// Request message for `AwsClusters.CreateAwsCluster` method.
257message CreateAwsClusterRequest {
258  // Required. The parent location where this
259  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resource will be
260  // created.
261  //
262  // Location names are formatted as `projects/<project-id>/locations/<region>`.
263  //
264  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
265  // for more details on Google Cloud resource names.
266  string parent = 1 [
267    (google.api.field_behavior) = REQUIRED,
268    (google.api.resource_reference) = {
269      child_type: "gkemulticloud.googleapis.com/AwsCluster"
270    }
271  ];
272
273  // Required. The specification of the
274  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] to create.
275  AwsCluster aws_cluster = 2 [(google.api.field_behavior) = REQUIRED];
276
277  // Required. A client provided ID the resource. Must be unique within the
278  // parent resource.
279  //
280  // The provided ID will be part of the
281  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resource name
282  // formatted as
283  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>`.
284  //
285  // Valid characters are `/[a-z][0-9]-/`. Cannot be longer than 63 characters.
286  string aws_cluster_id = 3 [(google.api.field_behavior) = REQUIRED];
287
288  // If set, only validate the request, but do not actually create the cluster.
289  bool validate_only = 4;
290}
291
292// Request message for `AwsClusters.UpdateAwsCluster` method.
293message UpdateAwsClusterRequest {
294  // Required. The [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster]
295  // resource to update.
296  AwsCluster aws_cluster = 1 [(google.api.field_behavior) = REQUIRED];
297
298  // If set, only validate the request, but do not actually update the cluster.
299  bool validate_only = 2;
300
301  // Required. Mask of fields to update. At least one path must be supplied in
302  // this field. The elements of the repeated paths field can only include these
303  // fields from [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster]:
304  //
305  //  *   `description`.
306  //  *   `annotations`.
307  //  *   `control_plane.version`.
308  //  *   `authorization.admin_users`.
309  //  *   `authorization.admin_groups`.
310  //  *   `binary_authorization.evaluation_mode`.
311  //  *   `control_plane.aws_services_authentication.role_arn`.
312  //  *   `control_plane.aws_services_authentication.role_session_name`.
313  //  *   `control_plane.config_encryption.kms_key_arn`.
314  //  *   `control_plane.instance_type`.
315  //  *   `control_plane.security_group_ids`.
316  //  *   `control_plane.proxy_config`.
317  //  *   `control_plane.proxy_config.secret_arn`.
318  //  *   `control_plane.proxy_config.secret_version`.
319  //  *   `control_plane.root_volume.size_gib`.
320  //  *   `control_plane.root_volume.volume_type`.
321  //  *   `control_plane.root_volume.iops`.
322  //  *   `control_plane.root_volume.throughput`.
323  //  *   `control_plane.root_volume.kms_key_arn`.
324  //  *   `control_plane.ssh_config`.
325  //  *   `control_plane.ssh_config.ec2_key_pair`.
326  //  *   `control_plane.instance_placement.tenancy`.
327  //  *   `control_plane.iam_instance_profile`.
328  //  *   `logging_config.component_config.enable_components`.
329  //  *   `control_plane.tags`.
330  //  *   `monitoring_config.managed_prometheus_config.enabled`.
331  //  *   `networking.per_node_pool_sg_rules_disabled`.
332  google.protobuf.FieldMask update_mask = 4
333      [(google.api.field_behavior) = REQUIRED];
334}
335
336// Request message for `AwsClusters.GetAwsCluster` method.
337message GetAwsClusterRequest {
338  // Required. The name of the
339  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resource to
340  // describe.
341  //
342  // `AwsCluster` names are formatted as
343  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>`.
344  //
345  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
346  // for more details on Google Cloud Platform resource names.
347  string name = 1 [
348    (google.api.field_behavior) = REQUIRED,
349    (google.api.resource_reference) = {
350      type: "gkemulticloud.googleapis.com/AwsCluster"
351    }
352  ];
353}
354
355// Request message for `AwsClusters.ListAwsClusters` method.
356message ListAwsClustersRequest {
357  // Required. The parent location which owns this collection of
358  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resources.
359  //
360  // Location names are formatted as `projects/<project-id>/locations/<region>`.
361  //
362  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
363  // for more details on Google Cloud Platform resource names.
364  string parent = 1 [
365    (google.api.field_behavior) = REQUIRED,
366    (google.api.resource_reference) = {
367      child_type: "gkemulticloud.googleapis.com/AwsCluster"
368    }
369  ];
370
371  // The maximum number of items to return.
372  //
373  // If not specified, a default value of 50 will be used by the service.
374  // Regardless of the pageSize value, the response can include a partial list
375  // and a caller should only rely on response's
376  // [nextPageToken][google.cloud.gkemulticloud.v1.ListAwsClustersResponse.next_page_token]
377  // to determine if there are more instances left to be queried.
378  int32 page_size = 2;
379
380  // The `nextPageToken` value returned from a previous
381  // [awsClusters.list][google.cloud.gkemulticloud.v1.AwsClusters.ListAwsClusters]
382  // request, if any.
383  string page_token = 3;
384}
385
386// Response message for `AwsClusters.ListAwsClusters` method.
387message ListAwsClustersResponse {
388  // A list of [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resources
389  // in the specified Google Cloud Platform project and region region.
390  repeated AwsCluster aws_clusters = 1;
391
392  // Token to retrieve the next page of results, or empty if there are no more
393  // results in the list.
394  string next_page_token = 2;
395}
396
397// Request message for `AwsClusters.DeleteAwsCluster` method.
398message DeleteAwsClusterRequest {
399  // Required. The resource name the
400  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] to delete.
401  //
402  // `AwsCluster` names are formatted as
403  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>`.
404  //
405  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
406  // for more details on Google Cloud Platform resource names.
407  string name = 1 [
408    (google.api.field_behavior) = REQUIRED,
409    (google.api.resource_reference) = {
410      type: "gkemulticloud.googleapis.com/AwsCluster"
411    }
412  ];
413
414  // If set, only validate the request, but do not actually delete the resource.
415  bool validate_only = 2;
416
417  // If set to true, and the
418  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resource is not
419  // found, the request will succeed but no action will be taken on the server
420  // and a completed [Operation][google.longrunning.Operation] will be returned.
421  //
422  // Useful for idempotent deletion.
423  bool allow_missing = 3;
424
425  // Optional. If set to true, the deletion of
426  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resource will
427  // succeed even if errors occur during deleting in cluster resources. Using
428  // this parameter may result in orphaned resources in the cluster.
429  bool ignore_errors = 5 [(google.api.field_behavior) = OPTIONAL];
430
431  // The current etag of the
432  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster].
433  //
434  // Allows clients to perform deletions through optimistic concurrency control.
435  //
436  // If the provided etag does not match the current etag of the cluster,
437  // the request will fail and an ABORTED error will be returned.
438  string etag = 4;
439}
440
441// Response message for `AwsClusters.CreateAwsNodePool` method.
442message CreateAwsNodePoolRequest {
443  // Required. The [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster]
444  // resource where this node pool will be created.
445  //
446  // `AwsCluster` names are formatted as
447  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>`.
448  //
449  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
450  // for more details on Google Cloud resource names.
451  string parent = 1 [
452    (google.api.field_behavior) = REQUIRED,
453    (google.api.resource_reference) = {
454      child_type: "gkemulticloud.googleapis.com/AwsNodePool"
455    }
456  ];
457
458  // Required. The specification of the
459  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] to create.
460  AwsNodePool aws_node_pool = 2 [(google.api.field_behavior) = REQUIRED];
461
462  // Required. A client provided ID the resource. Must be unique within the
463  // parent resource.
464  //
465  // The provided ID will be part of the
466  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] resource name
467  // formatted as
468  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>/awsNodePools/<node-pool-id>`.
469  //
470  // Valid characters are `/[a-z][0-9]-/`. Cannot be longer than 63 characters.
471  string aws_node_pool_id = 3 [(google.api.field_behavior) = REQUIRED];
472
473  // If set, only validate the request, but do not actually create the node
474  // pool.
475  bool validate_only = 4;
476}
477
478// Request message for `AwsClusters.UpdateAwsNodePool` method.
479message UpdateAwsNodePoolRequest {
480  // Required. The [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool]
481  // resource to update.
482  AwsNodePool aws_node_pool = 1 [(google.api.field_behavior) = REQUIRED];
483
484  // If set, only validate the request, but don't actually update the node pool.
485  bool validate_only = 2;
486
487  // Required. Mask of fields to update. At least one path must be supplied in
488  // this field. The elements of the repeated paths field can only include these
489  // fields from [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool]:
490  //
491  //  *   `annotations`.
492  //  *   `version`.
493  //  *   `autoscaling.min_node_count`.
494  //  *   `autoscaling.max_node_count`.
495  //  *   `config.config_encryption.kms_key_arn`.
496  //  *   `config.security_group_ids`.
497  //  *   `config.root_volume.iops`.
498  //  *   `config.root_volume.throughput`.
499  //  *   `config.root_volume.kms_key_arn`.
500  //  *   `config.root_volume.volume_type`.
501  //  *   `config.root_volume.size_gib`.
502  //  *   `config.proxy_config`.
503  //  *   `config.proxy_config.secret_arn`.
504  //  *   `config.proxy_config.secret_version`.
505  //  *   `config.ssh_config`.
506  //  *   `config.ssh_config.ec2_key_pair`.
507  //  *   `config.instance_placement.tenancy`.
508  //  *   `config.iam_instance_profile`.
509  //  *   `config.labels`.
510  //  *   `config.tags`.
511  //  *   `config.autoscaling_metrics_collection`.
512  //  *   `config.autoscaling_metrics_collection.granularity`.
513  //  *   `config.autoscaling_metrics_collection.metrics`.
514  //  *   `config.instance_type`.
515  //  *   `management.auto_repair`.
516  //  *   `management`.
517  //  *   `update_settings`.
518  //  *   `update_settings.surge_settings`.
519  //  *   `update_settings.surge_settings.max_surge`.
520  //  *   `update_settings.surge_settings.max_unavailable`.
521  google.protobuf.FieldMask update_mask = 3
522      [(google.api.field_behavior) = REQUIRED];
523}
524
525// Request message for `AwsClusters.RollbackAwsNodePoolUpdate` method.
526message RollbackAwsNodePoolUpdateRequest {
527  // Required. The name of the
528  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] resource to
529  // rollback.
530  //
531  // `AwsNodePool` names are formatted as
532  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>/awsNodePools/<node-pool-id>`.
533  //
534  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
535  // for more details on Google Cloud resource names.
536  string name = 1 [
537    (google.api.field_behavior) = REQUIRED,
538    (google.api.resource_reference) = {
539      type: "gkemulticloud.googleapis.com/AwsNodePool"
540    }
541  ];
542
543  // Optional. Option for rollback to ignore the PodDisruptionBudget when
544  // draining the node pool nodes. Default value is false.
545  bool respect_pdb = 2 [(google.api.field_behavior) = OPTIONAL];
546}
547
548// Request message for `AwsClusters.GetAwsNodePool` method.
549message GetAwsNodePoolRequest {
550  // Required. The name of the
551  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] resource to
552  // describe.
553  //
554  // `AwsNodePool` names are formatted as
555  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>/awsNodePools/<node-pool-id>`.
556  //
557  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
558  // for more details on Google Cloud resource names.
559  string name = 1 [
560    (google.api.field_behavior) = REQUIRED,
561    (google.api.resource_reference) = {
562      type: "gkemulticloud.googleapis.com/AwsNodePool"
563    }
564  ];
565}
566
567// Request message for `AwsClusters.ListAwsNodePools` method.
568message ListAwsNodePoolsRequest {
569  // Required. The parent `AwsCluster` which owns this collection of
570  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] resources.
571  //
572  // `AwsCluster` names are formatted as
573  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>`.
574  //
575  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
576  // for more details on Google Cloud resource names.
577  string parent = 1 [
578    (google.api.field_behavior) = REQUIRED,
579    (google.api.resource_reference) = {
580      child_type: "gkemulticloud.googleapis.com/AwsNodePool"
581    }
582  ];
583
584  // The maximum number of items to return.
585  //
586  // If not specified, a default value of 50 will be used by the service.
587  // Regardless of the pageSize value, the response can include a partial list
588  // and a caller should only rely on response's
589  // [nextPageToken][google.cloud.gkemulticloud.v1.ListAwsNodePoolsResponse.next_page_token]
590  // to determine if there are more instances left to be queried.
591  int32 page_size = 2;
592
593  // The `nextPageToken` value returned from a previous
594  // [awsNodePools.list][google.cloud.gkemulticloud.v1.AwsClusters.ListAwsNodePools]
595  // request, if any.
596  string page_token = 3;
597}
598
599// Response message for `AwsClusters.ListAwsNodePools` method.
600message ListAwsNodePoolsResponse {
601  // A list of [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool]
602  // resources in the specified `AwsCluster`.
603  repeated AwsNodePool aws_node_pools = 1;
604
605  // Token to retrieve the next page of results, or empty if there are no more
606  // results in the list.
607  string next_page_token = 2;
608}
609
610// Request message for `AwsClusters.DeleteAwsNodePool` method.
611message DeleteAwsNodePoolRequest {
612  // Required. The resource name the
613  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] to delete.
614  //
615  // `AwsNodePool` names are formatted as
616  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>/awsNodePools/<node-pool-id>`.
617  //
618  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
619  // for more details on Google Cloud resource names.
620  string name = 1 [
621    (google.api.field_behavior) = REQUIRED,
622    (google.api.resource_reference) = {
623      type: "gkemulticloud.googleapis.com/AwsNodePool"
624    }
625  ];
626
627  // If set, only validate the request, but do not actually delete the node
628  // pool.
629  bool validate_only = 2;
630
631  // If set to true, and the
632  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] resource is not
633  // found, the request will succeed but no action will be taken on the server
634  // and a completed [Operation][google.longrunning.Operation] will be returned.
635  //
636  // Useful for idempotent deletion.
637  bool allow_missing = 3;
638
639  // Optional. If set to true, the deletion of
640  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool] resource will
641  // succeed even if errors occur during deleting in node pool resources. Using
642  // this parameter may result in orphaned resources in the node pool.
643  bool ignore_errors = 5 [(google.api.field_behavior) = OPTIONAL];
644
645  // The current ETag of the
646  // [AwsNodePool][google.cloud.gkemulticloud.v1.AwsNodePool].
647  //
648  // Allows clients to perform deletions through optimistic concurrency control.
649  //
650  // If the provided ETag does not match the current etag of the node pool,
651  // the request will fail and an ABORTED error will be returned.
652  string etag = 4;
653}
654
655// GetAwsOpenIdConfigRequest gets the OIDC discovery document for the
656// cluster. See the OpenID Connect Discovery 1.0 specification for details.
657message GetAwsOpenIdConfigRequest {
658  // Required. The AwsCluster, which owns the OIDC discovery document.
659  // Format:
660  // projects/{project}/locations/{location}/awsClusters/{cluster}
661  string aws_cluster = 1 [
662    (google.api.field_behavior) = REQUIRED,
663    (google.api.resource_reference) = {
664      type: "gkemulticloud.googleapis.com/AwsCluster"
665    }
666  ];
667}
668
669// GetAwsJsonWebKeysRequest gets the public component of the keys used by the
670// cluster to sign token requests. This will be the jwks_uri for the discover
671// document returned by getOpenIDConfig. See the OpenID Connect
672// Discovery 1.0 specification for details.
673message GetAwsJsonWebKeysRequest {
674  // Required. The AwsCluster, which owns the JsonWebKeys.
675  // Format:
676  // projects/{project}/locations/{location}/awsClusters/{cluster}
677  string aws_cluster = 1 [
678    (google.api.field_behavior) = REQUIRED,
679    (google.api.resource_reference) = {
680      type: "gkemulticloud.googleapis.com/AwsCluster"
681    }
682  ];
683}
684
685// GetAwsServerConfigRequest gets the server config of GKE cluster on AWS.
686message GetAwsServerConfigRequest {
687  // Required. The name of the
688  // [AwsServerConfig][google.cloud.gkemulticloud.v1.AwsServerConfig] resource
689  // to describe.
690  //
691  // `AwsServerConfig` names are formatted as
692  // `projects/<project-id>/locations/<region>/awsServerConfig`.
693  //
694  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
695  // for more details on Google Cloud resource names.
696  string name = 1 [
697    (google.api.field_behavior) = REQUIRED,
698    (google.api.resource_reference) = {
699      type: "gkemulticloud.googleapis.com/AwsServerConfig"
700    }
701  ];
702}
703
704// Request message for `AwsClusters.GenerateAwsAccessToken` method.
705message GenerateAwsAccessTokenRequest {
706  // Required. The name of the
707  // [AwsCluster][google.cloud.gkemulticloud.v1.AwsCluster] resource to
708  // authenticate to.
709  //
710  // `AwsCluster` names are formatted as
711  // `projects/<project-id>/locations/<region>/awsClusters/<cluster-id>`.
712  //
713  // See [Resource Names](https://cloud.google.com/apis/design/resource_names)
714  // for more details on Google Cloud resource names.
715  string aws_cluster = 1 [
716    (google.api.field_behavior) = REQUIRED,
717    (google.api.resource_reference) = {
718      type: "gkemulticloud.googleapis.com/AwsCluster"
719    }
720  ];
721}
722
723// Response message for `AwsClusters.GenerateAwsAccessToken` method.
724message GenerateAwsAccessTokenResponse {
725  // Output only. Access token to authenticate to k8s api-server.
726  string access_token = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
727
728  // Output only. Timestamp at which the token will expire.
729  google.protobuf.Timestamp expiration_time = 2
730      [(google.api.field_behavior) = OUTPUT_ONLY];
731}
732
733message GenerateAwsClusterAgentTokenRequest {
734  // Required.
735  string aws_cluster = 1 [
736    (google.api.field_behavior) = REQUIRED,
737    (google.api.resource_reference) = {
738      type: "gkemulticloud.googleapis.com/AwsCluster"
739    }
740  ];
741
742  // Required.
743  string subject_token = 2 [(google.api.field_behavior) = REQUIRED];
744
745  // Required.
746  string subject_token_type = 3 [(google.api.field_behavior) = REQUIRED];
747
748  // Required.
749  string version = 4 [(google.api.field_behavior) = REQUIRED];
750
751  // Optional.
752  string node_pool_id = 5 [(google.api.field_behavior) = OPTIONAL];
753
754  // Optional.
755  string grant_type = 6 [(google.api.field_behavior) = OPTIONAL];
756
757  // Optional.
758  string audience = 7 [(google.api.field_behavior) = OPTIONAL];
759
760  // Optional.
761  string scope = 8 [(google.api.field_behavior) = OPTIONAL];
762
763  // Optional.
764  string requested_token_type = 9 [(google.api.field_behavior) = OPTIONAL];
765
766  // Optional.
767  string options = 10 [(google.api.field_behavior) = OPTIONAL];
768}
769
770message GenerateAwsClusterAgentTokenResponse {
771  string access_token = 1;
772
773  int32 expires_in = 2;
774
775  string token_type = 3;
776}
777