1*d5c09012SAndroid Build Coastguard Worker// Copyright 2020 Google LLC 2*d5c09012SAndroid Build Coastguard Worker// 3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*d5c09012SAndroid Build Coastguard Worker// 7*d5c09012SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*d5c09012SAndroid Build Coastguard Worker// 9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*d5c09012SAndroid Build Coastguard Worker// limitations under the License. 14*d5c09012SAndroid Build Coastguard Worker 15*d5c09012SAndroid Build Coastguard Workersyntax = "proto3"; 16*d5c09012SAndroid Build Coastguard Worker 17*d5c09012SAndroid Build Coastguard Workerpackage google.cloud.iot.v1; 18*d5c09012SAndroid Build Coastguard Worker 19*d5c09012SAndroid Build Coastguard Workerimport "google/api/resource.proto"; 20*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/timestamp.proto"; 21*d5c09012SAndroid Build Coastguard Workerimport "google/rpc/status.proto"; 22*d5c09012SAndroid Build Coastguard Worker 23*d5c09012SAndroid Build Coastguard Workeroption cc_enable_arenas = true; 24*d5c09012SAndroid Build Coastguard Workeroption go_package = "cloud.google.com/go/iot/apiv1/iotpb;iotpb"; 25*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true; 26*d5c09012SAndroid Build Coastguard Workeroption java_outer_classname = "ResourcesProto"; 27*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.cloud.iot.v1"; 28*d5c09012SAndroid Build Coastguard Worker 29*d5c09012SAndroid Build Coastguard Worker// The device resource. 30*d5c09012SAndroid Build Coastguard Workermessage Device { 31*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 32*d5c09012SAndroid Build Coastguard Worker type: "cloudiot.googleapis.com/Device" 33*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/registries/{registry}/devices/{device}" 34*d5c09012SAndroid Build Coastguard Worker }; 35*d5c09012SAndroid Build Coastguard Worker 36*d5c09012SAndroid Build Coastguard Worker // The user-defined device identifier. The device ID must be unique 37*d5c09012SAndroid Build Coastguard Worker // within a device registry. 38*d5c09012SAndroid Build Coastguard Worker string id = 1; 39*d5c09012SAndroid Build Coastguard Worker 40*d5c09012SAndroid Build Coastguard Worker // The resource path name. For example, 41*d5c09012SAndroid Build Coastguard Worker // `projects/p1/locations/us-central1/registries/registry0/devices/dev0` or 42*d5c09012SAndroid Build Coastguard Worker // `projects/p1/locations/us-central1/registries/registry0/devices/{num_id}`. 43*d5c09012SAndroid Build Coastguard Worker // When `name` is populated as a response from the service, it always ends 44*d5c09012SAndroid Build Coastguard Worker // in the device numeric ID. 45*d5c09012SAndroid Build Coastguard Worker string name = 2; 46*d5c09012SAndroid Build Coastguard Worker 47*d5c09012SAndroid Build Coastguard Worker // [Output only] A server-defined unique numeric ID for the device. This is a 48*d5c09012SAndroid Build Coastguard Worker // more compact way to identify devices, and it is globally unique. 49*d5c09012SAndroid Build Coastguard Worker uint64 num_id = 3; 50*d5c09012SAndroid Build Coastguard Worker 51*d5c09012SAndroid Build Coastguard Worker // The credentials used to authenticate this device. To allow credential 52*d5c09012SAndroid Build Coastguard Worker // rotation without interruption, multiple device credentials can be bound to 53*d5c09012SAndroid Build Coastguard Worker // this device. No more than 3 credentials can be bound to a single device at 54*d5c09012SAndroid Build Coastguard Worker // a time. When new credentials are added to a device, they are verified 55*d5c09012SAndroid Build Coastguard Worker // against the registry credentials. For details, see the description of the 56*d5c09012SAndroid Build Coastguard Worker // `DeviceRegistry.credentials` field. 57*d5c09012SAndroid Build Coastguard Worker repeated DeviceCredential credentials = 12; 58*d5c09012SAndroid Build Coastguard Worker 59*d5c09012SAndroid Build Coastguard Worker // [Output only] The last time an MQTT `PINGREQ` was received. This field 60*d5c09012SAndroid Build Coastguard Worker // applies only to devices connecting through MQTT. MQTT clients usually only 61*d5c09012SAndroid Build Coastguard Worker // send `PINGREQ` messages if the connection is idle, and no other messages 62*d5c09012SAndroid Build Coastguard Worker // have been sent. Timestamps are periodically collected and written to 63*d5c09012SAndroid Build Coastguard Worker // storage; they may be stale by a few minutes. 64*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp last_heartbeat_time = 7; 65*d5c09012SAndroid Build Coastguard Worker 66*d5c09012SAndroid Build Coastguard Worker // [Output only] The last time a telemetry event was received. Timestamps are 67*d5c09012SAndroid Build Coastguard Worker // periodically collected and written to storage; they may be stale by a few 68*d5c09012SAndroid Build Coastguard Worker // minutes. 69*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp last_event_time = 8; 70*d5c09012SAndroid Build Coastguard Worker 71*d5c09012SAndroid Build Coastguard Worker // [Output only] The last time a state event was received. Timestamps are 72*d5c09012SAndroid Build Coastguard Worker // periodically collected and written to storage; they may be stale by a few 73*d5c09012SAndroid Build Coastguard Worker // minutes. 74*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp last_state_time = 20; 75*d5c09012SAndroid Build Coastguard Worker 76*d5c09012SAndroid Build Coastguard Worker // [Output only] The last time a cloud-to-device config version acknowledgment 77*d5c09012SAndroid Build Coastguard Worker // was received from the device. This field is only for configurations 78*d5c09012SAndroid Build Coastguard Worker // sent through MQTT. 79*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp last_config_ack_time = 14; 80*d5c09012SAndroid Build Coastguard Worker 81*d5c09012SAndroid Build Coastguard Worker // [Output only] The last time a cloud-to-device config version was sent to 82*d5c09012SAndroid Build Coastguard Worker // the device. 83*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp last_config_send_time = 18; 84*d5c09012SAndroid Build Coastguard Worker 85*d5c09012SAndroid Build Coastguard Worker // If a device is blocked, connections or requests from this device will fail. 86*d5c09012SAndroid Build Coastguard Worker // Can be used to temporarily prevent the device from connecting if, for 87*d5c09012SAndroid Build Coastguard Worker // example, the sensor is generating bad data and needs maintenance. 88*d5c09012SAndroid Build Coastguard Worker bool blocked = 19; 89*d5c09012SAndroid Build Coastguard Worker 90*d5c09012SAndroid Build Coastguard Worker // [Output only] The time the most recent error occurred, such as a failure to 91*d5c09012SAndroid Build Coastguard Worker // publish to Cloud Pub/Sub. This field is the timestamp of 92*d5c09012SAndroid Build Coastguard Worker // 'last_error_status'. 93*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp last_error_time = 10; 94*d5c09012SAndroid Build Coastguard Worker 95*d5c09012SAndroid Build Coastguard Worker // [Output only] The error message of the most recent error, such as a failure 96*d5c09012SAndroid Build Coastguard Worker // to publish to Cloud Pub/Sub. 'last_error_time' is the timestamp of this 97*d5c09012SAndroid Build Coastguard Worker // field. If no errors have occurred, this field has an empty message 98*d5c09012SAndroid Build Coastguard Worker // and the status code 0 == OK. Otherwise, this field is expected to have a 99*d5c09012SAndroid Build Coastguard Worker // status code other than OK. 100*d5c09012SAndroid Build Coastguard Worker google.rpc.Status last_error_status = 11; 101*d5c09012SAndroid Build Coastguard Worker 102*d5c09012SAndroid Build Coastguard Worker // The most recent device configuration, which is eventually sent from 103*d5c09012SAndroid Build Coastguard Worker // Cloud IoT Core to the device. If not present on creation, the 104*d5c09012SAndroid Build Coastguard Worker // configuration will be initialized with an empty payload and version value 105*d5c09012SAndroid Build Coastguard Worker // of `1`. To update this field after creation, use the 106*d5c09012SAndroid Build Coastguard Worker // `DeviceManager.ModifyCloudToDeviceConfig` method. 107*d5c09012SAndroid Build Coastguard Worker DeviceConfig config = 13; 108*d5c09012SAndroid Build Coastguard Worker 109*d5c09012SAndroid Build Coastguard Worker // [Output only] The state most recently received from the device. If no state 110*d5c09012SAndroid Build Coastguard Worker // has been reported, this field is not present. 111*d5c09012SAndroid Build Coastguard Worker DeviceState state = 16; 112*d5c09012SAndroid Build Coastguard Worker 113*d5c09012SAndroid Build Coastguard Worker // **Beta Feature** 114*d5c09012SAndroid Build Coastguard Worker // 115*d5c09012SAndroid Build Coastguard Worker // The logging verbosity for device activity. If unspecified, 116*d5c09012SAndroid Build Coastguard Worker // DeviceRegistry.log_level will be used. 117*d5c09012SAndroid Build Coastguard Worker LogLevel log_level = 21; 118*d5c09012SAndroid Build Coastguard Worker 119*d5c09012SAndroid Build Coastguard Worker // The metadata key-value pairs assigned to the device. This metadata is not 120*d5c09012SAndroid Build Coastguard Worker // interpreted or indexed by Cloud IoT Core. It can be used to add contextual 121*d5c09012SAndroid Build Coastguard Worker // information for the device. 122*d5c09012SAndroid Build Coastguard Worker // 123*d5c09012SAndroid Build Coastguard Worker // Keys must conform to the regular expression [a-zA-Z][a-zA-Z0-9-_.+~%]+ and 124*d5c09012SAndroid Build Coastguard Worker // be less than 128 bytes in length. 125*d5c09012SAndroid Build Coastguard Worker // 126*d5c09012SAndroid Build Coastguard Worker // Values are free-form strings. Each value must be less than or equal to 32 127*d5c09012SAndroid Build Coastguard Worker // KB in size. 128*d5c09012SAndroid Build Coastguard Worker // 129*d5c09012SAndroid Build Coastguard Worker // The total size of all keys and values must be less than 256 KB, and the 130*d5c09012SAndroid Build Coastguard Worker // maximum number of key-value pairs is 500. 131*d5c09012SAndroid Build Coastguard Worker map<string, string> metadata = 17; 132*d5c09012SAndroid Build Coastguard Worker 133*d5c09012SAndroid Build Coastguard Worker // Gateway-related configuration and state. 134*d5c09012SAndroid Build Coastguard Worker GatewayConfig gateway_config = 24; 135*d5c09012SAndroid Build Coastguard Worker} 136*d5c09012SAndroid Build Coastguard Worker 137*d5c09012SAndroid Build Coastguard Worker// Gateway-related configuration and state. 138*d5c09012SAndroid Build Coastguard Workermessage GatewayConfig { 139*d5c09012SAndroid Build Coastguard Worker // Indicates whether the device is a gateway. 140*d5c09012SAndroid Build Coastguard Worker GatewayType gateway_type = 1; 141*d5c09012SAndroid Build Coastguard Worker 142*d5c09012SAndroid Build Coastguard Worker // Indicates how to authorize and/or authenticate devices to access the 143*d5c09012SAndroid Build Coastguard Worker // gateway. 144*d5c09012SAndroid Build Coastguard Worker GatewayAuthMethod gateway_auth_method = 2; 145*d5c09012SAndroid Build Coastguard Worker 146*d5c09012SAndroid Build Coastguard Worker // [Output only] The ID of the gateway the device accessed most recently. 147*d5c09012SAndroid Build Coastguard Worker string last_accessed_gateway_id = 3; 148*d5c09012SAndroid Build Coastguard Worker 149*d5c09012SAndroid Build Coastguard Worker // [Output only] The most recent time at which the device accessed the gateway 150*d5c09012SAndroid Build Coastguard Worker // specified in `last_accessed_gateway`. 151*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp last_accessed_gateway_time = 4; 152*d5c09012SAndroid Build Coastguard Worker} 153*d5c09012SAndroid Build Coastguard Worker 154*d5c09012SAndroid Build Coastguard Worker// A container for a group of devices. 155*d5c09012SAndroid Build Coastguard Workermessage DeviceRegistry { 156*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 157*d5c09012SAndroid Build Coastguard Worker type: "cloudiot.googleapis.com/Registry" 158*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/registries/{registry}" 159*d5c09012SAndroid Build Coastguard Worker }; 160*d5c09012SAndroid Build Coastguard Worker 161*d5c09012SAndroid Build Coastguard Worker // The identifier of this device registry. For example, `myRegistry`. 162*d5c09012SAndroid Build Coastguard Worker string id = 1; 163*d5c09012SAndroid Build Coastguard Worker 164*d5c09012SAndroid Build Coastguard Worker // The resource path name. For example, 165*d5c09012SAndroid Build Coastguard Worker // `projects/example-project/locations/us-central1/registries/my-registry`. 166*d5c09012SAndroid Build Coastguard Worker string name = 2; 167*d5c09012SAndroid Build Coastguard Worker 168*d5c09012SAndroid Build Coastguard Worker // The configuration for notification of telemetry events received from the 169*d5c09012SAndroid Build Coastguard Worker // device. All telemetry events that were successfully published by the 170*d5c09012SAndroid Build Coastguard Worker // device and acknowledged by Cloud IoT Core are guaranteed to be 171*d5c09012SAndroid Build Coastguard Worker // delivered to Cloud Pub/Sub. If multiple configurations match a message, 172*d5c09012SAndroid Build Coastguard Worker // only the first matching configuration is used. If you try to publish a 173*d5c09012SAndroid Build Coastguard Worker // device telemetry event using MQTT without specifying a Cloud Pub/Sub topic 174*d5c09012SAndroid Build Coastguard Worker // for the device's registry, the connection closes automatically. If you try 175*d5c09012SAndroid Build Coastguard Worker // to do so using an HTTP connection, an error is returned. Up to 10 176*d5c09012SAndroid Build Coastguard Worker // configurations may be provided. 177*d5c09012SAndroid Build Coastguard Worker repeated EventNotificationConfig event_notification_configs = 10; 178*d5c09012SAndroid Build Coastguard Worker 179*d5c09012SAndroid Build Coastguard Worker // The configuration for notification of new states received from the device. 180*d5c09012SAndroid Build Coastguard Worker // State updates are guaranteed to be stored in the state history, but 181*d5c09012SAndroid Build Coastguard Worker // notifications to Cloud Pub/Sub are not guaranteed. For example, if 182*d5c09012SAndroid Build Coastguard Worker // permissions are misconfigured or the specified topic doesn't exist, no 183*d5c09012SAndroid Build Coastguard Worker // notification will be published but the state will still be stored in Cloud 184*d5c09012SAndroid Build Coastguard Worker // IoT Core. 185*d5c09012SAndroid Build Coastguard Worker StateNotificationConfig state_notification_config = 7; 186*d5c09012SAndroid Build Coastguard Worker 187*d5c09012SAndroid Build Coastguard Worker // The MQTT configuration for this device registry. 188*d5c09012SAndroid Build Coastguard Worker MqttConfig mqtt_config = 4; 189*d5c09012SAndroid Build Coastguard Worker 190*d5c09012SAndroid Build Coastguard Worker // The DeviceService (HTTP) configuration for this device registry. 191*d5c09012SAndroid Build Coastguard Worker HttpConfig http_config = 9; 192*d5c09012SAndroid Build Coastguard Worker 193*d5c09012SAndroid Build Coastguard Worker // **Beta Feature** 194*d5c09012SAndroid Build Coastguard Worker // 195*d5c09012SAndroid Build Coastguard Worker // The default logging verbosity for activity from devices in this registry. 196*d5c09012SAndroid Build Coastguard Worker // The verbosity level can be overridden by Device.log_level. 197*d5c09012SAndroid Build Coastguard Worker LogLevel log_level = 11; 198*d5c09012SAndroid Build Coastguard Worker 199*d5c09012SAndroid Build Coastguard Worker // The credentials used to verify the device credentials. No more than 10 200*d5c09012SAndroid Build Coastguard Worker // credentials can be bound to a single registry at a time. The verification 201*d5c09012SAndroid Build Coastguard Worker // process occurs at the time of device creation or update. If this field is 202*d5c09012SAndroid Build Coastguard Worker // empty, no verification is performed. Otherwise, the credentials of a newly 203*d5c09012SAndroid Build Coastguard Worker // created device or added credentials of an updated device should be signed 204*d5c09012SAndroid Build Coastguard Worker // with one of these registry credentials. 205*d5c09012SAndroid Build Coastguard Worker // 206*d5c09012SAndroid Build Coastguard Worker // Note, however, that existing devices will never be affected by 207*d5c09012SAndroid Build Coastguard Worker // modifications to this list of credentials: after a device has been 208*d5c09012SAndroid Build Coastguard Worker // successfully created in a registry, it should be able to connect even if 209*d5c09012SAndroid Build Coastguard Worker // its registry credentials are revoked, deleted, or modified. 210*d5c09012SAndroid Build Coastguard Worker repeated RegistryCredential credentials = 8; 211*d5c09012SAndroid Build Coastguard Worker} 212*d5c09012SAndroid Build Coastguard Worker 213*d5c09012SAndroid Build Coastguard Worker// The configuration of MQTT for a device registry. 214*d5c09012SAndroid Build Coastguard Workermessage MqttConfig { 215*d5c09012SAndroid Build Coastguard Worker // If enabled, allows connections using the MQTT protocol. Otherwise, MQTT 216*d5c09012SAndroid Build Coastguard Worker // connections to this registry will fail. 217*d5c09012SAndroid Build Coastguard Worker MqttState mqtt_enabled_state = 1; 218*d5c09012SAndroid Build Coastguard Worker} 219*d5c09012SAndroid Build Coastguard Worker 220*d5c09012SAndroid Build Coastguard Worker// Indicates whether an MQTT connection is enabled or disabled. See the field 221*d5c09012SAndroid Build Coastguard Worker// description for details. 222*d5c09012SAndroid Build Coastguard Workerenum MqttState { 223*d5c09012SAndroid Build Coastguard Worker // No MQTT state specified. If not specified, MQTT will be enabled by default. 224*d5c09012SAndroid Build Coastguard Worker MQTT_STATE_UNSPECIFIED = 0; 225*d5c09012SAndroid Build Coastguard Worker 226*d5c09012SAndroid Build Coastguard Worker // Enables a MQTT connection. 227*d5c09012SAndroid Build Coastguard Worker MQTT_ENABLED = 1; 228*d5c09012SAndroid Build Coastguard Worker 229*d5c09012SAndroid Build Coastguard Worker // Disables a MQTT connection. 230*d5c09012SAndroid Build Coastguard Worker MQTT_DISABLED = 2; 231*d5c09012SAndroid Build Coastguard Worker} 232*d5c09012SAndroid Build Coastguard Worker 233*d5c09012SAndroid Build Coastguard Worker// The configuration of the HTTP bridge for a device registry. 234*d5c09012SAndroid Build Coastguard Workermessage HttpConfig { 235*d5c09012SAndroid Build Coastguard Worker // If enabled, allows devices to use DeviceService via the HTTP protocol. 236*d5c09012SAndroid Build Coastguard Worker // Otherwise, any requests to DeviceService will fail for this registry. 237*d5c09012SAndroid Build Coastguard Worker HttpState http_enabled_state = 1; 238*d5c09012SAndroid Build Coastguard Worker} 239*d5c09012SAndroid Build Coastguard Worker 240*d5c09012SAndroid Build Coastguard Worker// Indicates whether DeviceService (HTTP) is enabled or disabled for the 241*d5c09012SAndroid Build Coastguard Worker// registry. See the field description for details. 242*d5c09012SAndroid Build Coastguard Workerenum HttpState { 243*d5c09012SAndroid Build Coastguard Worker // No HTTP state specified. If not specified, DeviceService will be 244*d5c09012SAndroid Build Coastguard Worker // enabled by default. 245*d5c09012SAndroid Build Coastguard Worker HTTP_STATE_UNSPECIFIED = 0; 246*d5c09012SAndroid Build Coastguard Worker 247*d5c09012SAndroid Build Coastguard Worker // Enables DeviceService (HTTP) service for the registry. 248*d5c09012SAndroid Build Coastguard Worker HTTP_ENABLED = 1; 249*d5c09012SAndroid Build Coastguard Worker 250*d5c09012SAndroid Build Coastguard Worker // Disables DeviceService (HTTP) service for the registry. 251*d5c09012SAndroid Build Coastguard Worker HTTP_DISABLED = 2; 252*d5c09012SAndroid Build Coastguard Worker} 253*d5c09012SAndroid Build Coastguard Worker 254*d5c09012SAndroid Build Coastguard Worker// **Beta Feature** 255*d5c09012SAndroid Build Coastguard Worker// 256*d5c09012SAndroid Build Coastguard Worker// The logging verbosity for device activity. Specifies which events should be 257*d5c09012SAndroid Build Coastguard Worker// written to logs. For example, if the LogLevel is ERROR, only events that 258*d5c09012SAndroid Build Coastguard Worker// terminate in errors will be logged. LogLevel is inclusive; enabling INFO 259*d5c09012SAndroid Build Coastguard Worker// logging will also enable ERROR logging. 260*d5c09012SAndroid Build Coastguard Workerenum LogLevel { 261*d5c09012SAndroid Build Coastguard Worker // No logging specified. If not specified, logging will be disabled. 262*d5c09012SAndroid Build Coastguard Worker LOG_LEVEL_UNSPECIFIED = 0; 263*d5c09012SAndroid Build Coastguard Worker 264*d5c09012SAndroid Build Coastguard Worker // Disables logging. 265*d5c09012SAndroid Build Coastguard Worker NONE = 10; 266*d5c09012SAndroid Build Coastguard Worker 267*d5c09012SAndroid Build Coastguard Worker // Error events will be logged. 268*d5c09012SAndroid Build Coastguard Worker ERROR = 20; 269*d5c09012SAndroid Build Coastguard Worker 270*d5c09012SAndroid Build Coastguard Worker // Informational events will be logged, such as connections and 271*d5c09012SAndroid Build Coastguard Worker // disconnections. 272*d5c09012SAndroid Build Coastguard Worker INFO = 30; 273*d5c09012SAndroid Build Coastguard Worker 274*d5c09012SAndroid Build Coastguard Worker // All events will be logged. 275*d5c09012SAndroid Build Coastguard Worker DEBUG = 40; 276*d5c09012SAndroid Build Coastguard Worker} 277*d5c09012SAndroid Build Coastguard Worker 278*d5c09012SAndroid Build Coastguard Worker// Gateway type. 279*d5c09012SAndroid Build Coastguard Workerenum GatewayType { 280*d5c09012SAndroid Build Coastguard Worker // If unspecified, the device is considered a non-gateway device. 281*d5c09012SAndroid Build Coastguard Worker GATEWAY_TYPE_UNSPECIFIED = 0; 282*d5c09012SAndroid Build Coastguard Worker 283*d5c09012SAndroid Build Coastguard Worker // The device is a gateway. 284*d5c09012SAndroid Build Coastguard Worker GATEWAY = 1; 285*d5c09012SAndroid Build Coastguard Worker 286*d5c09012SAndroid Build Coastguard Worker // The device is not a gateway. 287*d5c09012SAndroid Build Coastguard Worker NON_GATEWAY = 2; 288*d5c09012SAndroid Build Coastguard Worker} 289*d5c09012SAndroid Build Coastguard Worker 290*d5c09012SAndroid Build Coastguard Worker// The gateway authorization/authentication method. This setting determines how 291*d5c09012SAndroid Build Coastguard Worker// Cloud IoT Core authorizes/authenticate devices to access the gateway. 292*d5c09012SAndroid Build Coastguard Workerenum GatewayAuthMethod { 293*d5c09012SAndroid Build Coastguard Worker // No authentication/authorization method specified. No devices are allowed to 294*d5c09012SAndroid Build Coastguard Worker // access the gateway. 295*d5c09012SAndroid Build Coastguard Worker GATEWAY_AUTH_METHOD_UNSPECIFIED = 0; 296*d5c09012SAndroid Build Coastguard Worker 297*d5c09012SAndroid Build Coastguard Worker // The device is authenticated through the gateway association only. Device 298*d5c09012SAndroid Build Coastguard Worker // credentials are ignored even if provided. 299*d5c09012SAndroid Build Coastguard Worker ASSOCIATION_ONLY = 1; 300*d5c09012SAndroid Build Coastguard Worker 301*d5c09012SAndroid Build Coastguard Worker // The device is authenticated through its own credentials. Gateway 302*d5c09012SAndroid Build Coastguard Worker // association is not checked. 303*d5c09012SAndroid Build Coastguard Worker DEVICE_AUTH_TOKEN_ONLY = 2; 304*d5c09012SAndroid Build Coastguard Worker 305*d5c09012SAndroid Build Coastguard Worker // The device is authenticated through both device credentials and gateway 306*d5c09012SAndroid Build Coastguard Worker // association. The device must be bound to the gateway and must provide its 307*d5c09012SAndroid Build Coastguard Worker // own credentials. 308*d5c09012SAndroid Build Coastguard Worker ASSOCIATION_AND_DEVICE_AUTH_TOKEN = 3; 309*d5c09012SAndroid Build Coastguard Worker} 310*d5c09012SAndroid Build Coastguard Worker 311*d5c09012SAndroid Build Coastguard Worker// The configuration for forwarding telemetry events. 312*d5c09012SAndroid Build Coastguard Workermessage EventNotificationConfig { 313*d5c09012SAndroid Build Coastguard Worker // If the subfolder name matches this string exactly, this configuration will 314*d5c09012SAndroid Build Coastguard Worker // be used. The string must not include the leading '/' character. If empty, 315*d5c09012SAndroid Build Coastguard Worker // all strings are matched. This field is used only for telemetry events; 316*d5c09012SAndroid Build Coastguard Worker // subfolders are not supported for state changes. 317*d5c09012SAndroid Build Coastguard Worker string subfolder_matches = 2; 318*d5c09012SAndroid Build Coastguard Worker 319*d5c09012SAndroid Build Coastguard Worker // A Cloud Pub/Sub topic name. For example, 320*d5c09012SAndroid Build Coastguard Worker // `projects/myProject/topics/deviceEvents`. 321*d5c09012SAndroid Build Coastguard Worker string pubsub_topic_name = 1; 322*d5c09012SAndroid Build Coastguard Worker} 323*d5c09012SAndroid Build Coastguard Worker 324*d5c09012SAndroid Build Coastguard Worker// The configuration for notification of new states received from the device. 325*d5c09012SAndroid Build Coastguard Workermessage StateNotificationConfig { 326*d5c09012SAndroid Build Coastguard Worker // A Cloud Pub/Sub topic name. For example, 327*d5c09012SAndroid Build Coastguard Worker // `projects/myProject/topics/deviceEvents`. 328*d5c09012SAndroid Build Coastguard Worker string pubsub_topic_name = 1; 329*d5c09012SAndroid Build Coastguard Worker} 330*d5c09012SAndroid Build Coastguard Worker 331*d5c09012SAndroid Build Coastguard Worker// A server-stored registry credential used to validate device credentials. 332*d5c09012SAndroid Build Coastguard Workermessage RegistryCredential { 333*d5c09012SAndroid Build Coastguard Worker // The credential data. Reserved for expansion in the future. 334*d5c09012SAndroid Build Coastguard Worker oneof credential { 335*d5c09012SAndroid Build Coastguard Worker // A public key certificate used to verify the device credentials. 336*d5c09012SAndroid Build Coastguard Worker PublicKeyCertificate public_key_certificate = 1; 337*d5c09012SAndroid Build Coastguard Worker } 338*d5c09012SAndroid Build Coastguard Worker} 339*d5c09012SAndroid Build Coastguard Worker 340*d5c09012SAndroid Build Coastguard Worker// Details of an X.509 certificate. For informational purposes only. 341*d5c09012SAndroid Build Coastguard Workermessage X509CertificateDetails { 342*d5c09012SAndroid Build Coastguard Worker // The entity that signed the certificate. 343*d5c09012SAndroid Build Coastguard Worker string issuer = 1; 344*d5c09012SAndroid Build Coastguard Worker 345*d5c09012SAndroid Build Coastguard Worker // The entity the certificate and public key belong to. 346*d5c09012SAndroid Build Coastguard Worker string subject = 2; 347*d5c09012SAndroid Build Coastguard Worker 348*d5c09012SAndroid Build Coastguard Worker // The time the certificate becomes valid. 349*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp start_time = 3; 350*d5c09012SAndroid Build Coastguard Worker 351*d5c09012SAndroid Build Coastguard Worker // The time the certificate becomes invalid. 352*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp expiry_time = 4; 353*d5c09012SAndroid Build Coastguard Worker 354*d5c09012SAndroid Build Coastguard Worker // The algorithm used to sign the certificate. 355*d5c09012SAndroid Build Coastguard Worker string signature_algorithm = 5; 356*d5c09012SAndroid Build Coastguard Worker 357*d5c09012SAndroid Build Coastguard Worker // The type of public key in the certificate. 358*d5c09012SAndroid Build Coastguard Worker string public_key_type = 6; 359*d5c09012SAndroid Build Coastguard Worker} 360*d5c09012SAndroid Build Coastguard Worker 361*d5c09012SAndroid Build Coastguard Worker// A public key certificate format and data. 362*d5c09012SAndroid Build Coastguard Workermessage PublicKeyCertificate { 363*d5c09012SAndroid Build Coastguard Worker // The certificate format. 364*d5c09012SAndroid Build Coastguard Worker PublicKeyCertificateFormat format = 1; 365*d5c09012SAndroid Build Coastguard Worker 366*d5c09012SAndroid Build Coastguard Worker // The certificate data. 367*d5c09012SAndroid Build Coastguard Worker string certificate = 2; 368*d5c09012SAndroid Build Coastguard Worker 369*d5c09012SAndroid Build Coastguard Worker // [Output only] The certificate details. Used only for X.509 certificates. 370*d5c09012SAndroid Build Coastguard Worker X509CertificateDetails x509_details = 3; 371*d5c09012SAndroid Build Coastguard Worker} 372*d5c09012SAndroid Build Coastguard Worker 373*d5c09012SAndroid Build Coastguard Worker// The supported formats for the public key. 374*d5c09012SAndroid Build Coastguard Workerenum PublicKeyCertificateFormat { 375*d5c09012SAndroid Build Coastguard Worker // The format has not been specified. This is an invalid default value and 376*d5c09012SAndroid Build Coastguard Worker // must not be used. 377*d5c09012SAndroid Build Coastguard Worker UNSPECIFIED_PUBLIC_KEY_CERTIFICATE_FORMAT = 0; 378*d5c09012SAndroid Build Coastguard Worker 379*d5c09012SAndroid Build Coastguard Worker // An X.509v3 certificate ([RFC5280](https://www.ietf.org/rfc/rfc5280.txt)), 380*d5c09012SAndroid Build Coastguard Worker // encoded in base64, and wrapped by `-----BEGIN CERTIFICATE-----` and 381*d5c09012SAndroid Build Coastguard Worker // `-----END CERTIFICATE-----`. 382*d5c09012SAndroid Build Coastguard Worker X509_CERTIFICATE_PEM = 1; 383*d5c09012SAndroid Build Coastguard Worker} 384*d5c09012SAndroid Build Coastguard Worker 385*d5c09012SAndroid Build Coastguard Worker// A server-stored device credential used for authentication. 386*d5c09012SAndroid Build Coastguard Workermessage DeviceCredential { 387*d5c09012SAndroid Build Coastguard Worker // The credential data. Reserved for expansion in the future. 388*d5c09012SAndroid Build Coastguard Worker oneof credential { 389*d5c09012SAndroid Build Coastguard Worker // A public key used to verify the signature of JSON Web Tokens (JWTs). 390*d5c09012SAndroid Build Coastguard Worker // When adding a new device credential, either via device creation or via 391*d5c09012SAndroid Build Coastguard Worker // modifications, this public key credential may be required to be signed by 392*d5c09012SAndroid Build Coastguard Worker // one of the registry level certificates. More specifically, if the 393*d5c09012SAndroid Build Coastguard Worker // registry contains at least one certificate, any new device credential 394*d5c09012SAndroid Build Coastguard Worker // must be signed by one of the registry certificates. As a result, 395*d5c09012SAndroid Build Coastguard Worker // when the registry contains certificates, only X.509 certificates are 396*d5c09012SAndroid Build Coastguard Worker // accepted as device credentials. However, if the registry does 397*d5c09012SAndroid Build Coastguard Worker // not contain a certificate, self-signed certificates and public keys will 398*d5c09012SAndroid Build Coastguard Worker // be accepted. New device credentials must be different from every 399*d5c09012SAndroid Build Coastguard Worker // registry-level certificate. 400*d5c09012SAndroid Build Coastguard Worker PublicKeyCredential public_key = 2; 401*d5c09012SAndroid Build Coastguard Worker } 402*d5c09012SAndroid Build Coastguard Worker 403*d5c09012SAndroid Build Coastguard Worker // [Optional] The time at which this credential becomes invalid. This 404*d5c09012SAndroid Build Coastguard Worker // credential will be ignored for new client authentication requests after 405*d5c09012SAndroid Build Coastguard Worker // this timestamp; however, it will not be automatically deleted. 406*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp expiration_time = 6; 407*d5c09012SAndroid Build Coastguard Worker} 408*d5c09012SAndroid Build Coastguard Worker 409*d5c09012SAndroid Build Coastguard Worker// A public key format and data. 410*d5c09012SAndroid Build Coastguard Workermessage PublicKeyCredential { 411*d5c09012SAndroid Build Coastguard Worker // The format of the key. 412*d5c09012SAndroid Build Coastguard Worker PublicKeyFormat format = 1; 413*d5c09012SAndroid Build Coastguard Worker 414*d5c09012SAndroid Build Coastguard Worker // The key data. 415*d5c09012SAndroid Build Coastguard Worker string key = 2; 416*d5c09012SAndroid Build Coastguard Worker} 417*d5c09012SAndroid Build Coastguard Worker 418*d5c09012SAndroid Build Coastguard Worker// The supported formats for the public key. 419*d5c09012SAndroid Build Coastguard Workerenum PublicKeyFormat { 420*d5c09012SAndroid Build Coastguard Worker // The format has not been specified. This is an invalid default value and 421*d5c09012SAndroid Build Coastguard Worker // must not be used. 422*d5c09012SAndroid Build Coastguard Worker UNSPECIFIED_PUBLIC_KEY_FORMAT = 0; 423*d5c09012SAndroid Build Coastguard Worker 424*d5c09012SAndroid Build Coastguard Worker // An RSA public key encoded in base64, and wrapped by 425*d5c09012SAndroid Build Coastguard Worker // `-----BEGIN PUBLIC KEY-----` and `-----END PUBLIC KEY-----`. This can be 426*d5c09012SAndroid Build Coastguard Worker // used to verify `RS256` signatures in JWT tokens ([RFC7518]( 427*d5c09012SAndroid Build Coastguard Worker // https://www.ietf.org/rfc/rfc7518.txt)). 428*d5c09012SAndroid Build Coastguard Worker RSA_PEM = 3; 429*d5c09012SAndroid Build Coastguard Worker 430*d5c09012SAndroid Build Coastguard Worker // As RSA_PEM, but wrapped in an X.509v3 certificate ([RFC5280]( 431*d5c09012SAndroid Build Coastguard Worker // https://www.ietf.org/rfc/rfc5280.txt)), encoded in base64, and wrapped by 432*d5c09012SAndroid Build Coastguard Worker // `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. 433*d5c09012SAndroid Build Coastguard Worker RSA_X509_PEM = 1; 434*d5c09012SAndroid Build Coastguard Worker 435*d5c09012SAndroid Build Coastguard Worker // Public key for the ECDSA algorithm using P-256 and SHA-256, encoded in 436*d5c09012SAndroid Build Coastguard Worker // base64, and wrapped by `-----BEGIN PUBLIC KEY-----` and `-----END 437*d5c09012SAndroid Build Coastguard Worker // PUBLIC KEY-----`. This can be used to verify JWT tokens with the `ES256` 438*d5c09012SAndroid Build Coastguard Worker // algorithm ([RFC7518](https://www.ietf.org/rfc/rfc7518.txt)). This curve is 439*d5c09012SAndroid Build Coastguard Worker // defined in [OpenSSL](https://www.openssl.org/) as the `prime256v1` curve. 440*d5c09012SAndroid Build Coastguard Worker ES256_PEM = 2; 441*d5c09012SAndroid Build Coastguard Worker 442*d5c09012SAndroid Build Coastguard Worker // As ES256_PEM, but wrapped in an X.509v3 certificate ([RFC5280]( 443*d5c09012SAndroid Build Coastguard Worker // https://www.ietf.org/rfc/rfc5280.txt)), encoded in base64, and wrapped by 444*d5c09012SAndroid Build Coastguard Worker // `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. 445*d5c09012SAndroid Build Coastguard Worker ES256_X509_PEM = 4; 446*d5c09012SAndroid Build Coastguard Worker} 447*d5c09012SAndroid Build Coastguard Worker 448*d5c09012SAndroid Build Coastguard Worker// The device configuration. Eventually delivered to devices. 449*d5c09012SAndroid Build Coastguard Workermessage DeviceConfig { 450*d5c09012SAndroid Build Coastguard Worker // [Output only] The version of this update. The version number is assigned by 451*d5c09012SAndroid Build Coastguard Worker // the server, and is always greater than 0 after device creation. The 452*d5c09012SAndroid Build Coastguard Worker // version must be 0 on the `CreateDevice` request if a `config` is 453*d5c09012SAndroid Build Coastguard Worker // specified; the response of `CreateDevice` will always have a value of 1. 454*d5c09012SAndroid Build Coastguard Worker int64 version = 1; 455*d5c09012SAndroid Build Coastguard Worker 456*d5c09012SAndroid Build Coastguard Worker // [Output only] The time at which this configuration version was updated in 457*d5c09012SAndroid Build Coastguard Worker // Cloud IoT Core. This timestamp is set by the server. 458*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp cloud_update_time = 2; 459*d5c09012SAndroid Build Coastguard Worker 460*d5c09012SAndroid Build Coastguard Worker // [Output only] The time at which Cloud IoT Core received the 461*d5c09012SAndroid Build Coastguard Worker // acknowledgment from the device, indicating that the device has received 462*d5c09012SAndroid Build Coastguard Worker // this configuration version. If this field is not present, the device has 463*d5c09012SAndroid Build Coastguard Worker // not yet acknowledged that it received this version. Note that when 464*d5c09012SAndroid Build Coastguard Worker // the config was sent to the device, many config versions may have been 465*d5c09012SAndroid Build Coastguard Worker // available in Cloud IoT Core while the device was disconnected, and on 466*d5c09012SAndroid Build Coastguard Worker // connection, only the latest version is sent to the device. Some 467*d5c09012SAndroid Build Coastguard Worker // versions may never be sent to the device, and therefore are never 468*d5c09012SAndroid Build Coastguard Worker // acknowledged. This timestamp is set by Cloud IoT Core. 469*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp device_ack_time = 3; 470*d5c09012SAndroid Build Coastguard Worker 471*d5c09012SAndroid Build Coastguard Worker // The device configuration data. 472*d5c09012SAndroid Build Coastguard Worker bytes binary_data = 4; 473*d5c09012SAndroid Build Coastguard Worker} 474*d5c09012SAndroid Build Coastguard Worker 475*d5c09012SAndroid Build Coastguard Worker// The device state, as reported by the device. 476*d5c09012SAndroid Build Coastguard Workermessage DeviceState { 477*d5c09012SAndroid Build Coastguard Worker // [Output only] The time at which this state version was updated in Cloud 478*d5c09012SAndroid Build Coastguard Worker // IoT Core. 479*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 1; 480*d5c09012SAndroid Build Coastguard Worker 481*d5c09012SAndroid Build Coastguard Worker // The device state data. 482*d5c09012SAndroid Build Coastguard Worker bytes binary_data = 2; 483*d5c09012SAndroid Build Coastguard Worker} 484