1*d5c09012SAndroid Build Coastguard Worker// Copyright 2023 Google LLC 2*d5c09012SAndroid Build Coastguard Worker// 3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*d5c09012SAndroid Build Coastguard Worker// 7*d5c09012SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*d5c09012SAndroid Build Coastguard Worker// 9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*d5c09012SAndroid Build Coastguard Worker// limitations under the License. 14*d5c09012SAndroid Build Coastguard Worker 15*d5c09012SAndroid Build Coastguard Workersyntax = "proto3"; 16*d5c09012SAndroid Build Coastguard Worker 17*d5c09012SAndroid Build Coastguard Workerpackage google.cloud.netapp.v1; 18*d5c09012SAndroid Build Coastguard Worker 19*d5c09012SAndroid Build Coastguard Workerimport "google/api/field_behavior.proto"; 20*d5c09012SAndroid Build Coastguard Workerimport "google/api/resource.proto"; 21*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/field_mask.proto"; 22*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/timestamp.proto"; 23*d5c09012SAndroid Build Coastguard Worker 24*d5c09012SAndroid Build Coastguard Workeroption csharp_namespace = "Google.Cloud.NetApp.V1"; 25*d5c09012SAndroid Build Coastguard Workeroption go_package = "cloud.google.com/go/netapp/apiv1/netapppb;netapppb"; 26*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true; 27*d5c09012SAndroid Build Coastguard Workeroption java_outer_classname = "KmsProto"; 28*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.cloud.netapp.v1"; 29*d5c09012SAndroid Build Coastguard Workeroption php_namespace = "Google\\Cloud\\NetApp\\V1"; 30*d5c09012SAndroid Build Coastguard Workeroption ruby_package = "Google::Cloud::NetApp::V1"; 31*d5c09012SAndroid Build Coastguard Worker 32*d5c09012SAndroid Build Coastguard Worker// GetKmsConfigRequest gets a KMS Config. 33*d5c09012SAndroid Build Coastguard Workermessage GetKmsConfigRequest { 34*d5c09012SAndroid Build Coastguard Worker // Required. Name of the KmsConfig 35*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 36*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 37*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 38*d5c09012SAndroid Build Coastguard Worker type: "netapp.googleapis.com/KmsConfig" 39*d5c09012SAndroid Build Coastguard Worker } 40*d5c09012SAndroid Build Coastguard Worker ]; 41*d5c09012SAndroid Build Coastguard Worker} 42*d5c09012SAndroid Build Coastguard Worker 43*d5c09012SAndroid Build Coastguard Worker// ListKmsConfigsRequest lists KMS Configs. 44*d5c09012SAndroid Build Coastguard Workermessage ListKmsConfigsRequest { 45*d5c09012SAndroid Build Coastguard Worker // Required. Parent value 46*d5c09012SAndroid Build Coastguard Worker string parent = 1 [ 47*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 48*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 49*d5c09012SAndroid Build Coastguard Worker child_type: "netapp.googleapis.com/KmsConfig" 50*d5c09012SAndroid Build Coastguard Worker } 51*d5c09012SAndroid Build Coastguard Worker ]; 52*d5c09012SAndroid Build Coastguard Worker 53*d5c09012SAndroid Build Coastguard Worker // The maximum number of items to return. 54*d5c09012SAndroid Build Coastguard Worker int32 page_size = 2; 55*d5c09012SAndroid Build Coastguard Worker 56*d5c09012SAndroid Build Coastguard Worker // The next_page_token value to use if there are additional 57*d5c09012SAndroid Build Coastguard Worker // results to retrieve for this list request. 58*d5c09012SAndroid Build Coastguard Worker string page_token = 3; 59*d5c09012SAndroid Build Coastguard Worker 60*d5c09012SAndroid Build Coastguard Worker // Sort results. Supported values are "name", "name desc" or "" (unsorted). 61*d5c09012SAndroid Build Coastguard Worker string order_by = 4; 62*d5c09012SAndroid Build Coastguard Worker 63*d5c09012SAndroid Build Coastguard Worker // List filter. 64*d5c09012SAndroid Build Coastguard Worker string filter = 5; 65*d5c09012SAndroid Build Coastguard Worker} 66*d5c09012SAndroid Build Coastguard Worker 67*d5c09012SAndroid Build Coastguard Worker// ListKmsConfigsResponse is the response to a ListKmsConfigsRequest. 68*d5c09012SAndroid Build Coastguard Workermessage ListKmsConfigsResponse { 69*d5c09012SAndroid Build Coastguard Worker // The list of KmsConfigs 70*d5c09012SAndroid Build Coastguard Worker repeated KmsConfig kms_configs = 1; 71*d5c09012SAndroid Build Coastguard Worker 72*d5c09012SAndroid Build Coastguard Worker // A token identifying a page of results the server should return. 73*d5c09012SAndroid Build Coastguard Worker string next_page_token = 2; 74*d5c09012SAndroid Build Coastguard Worker 75*d5c09012SAndroid Build Coastguard Worker // Locations that could not be reached. 76*d5c09012SAndroid Build Coastguard Worker repeated string unreachable = 3; 77*d5c09012SAndroid Build Coastguard Worker} 78*d5c09012SAndroid Build Coastguard Worker 79*d5c09012SAndroid Build Coastguard Worker// CreateKmsConfigRequest creates a KMS Config. 80*d5c09012SAndroid Build Coastguard Workermessage CreateKmsConfigRequest { 81*d5c09012SAndroid Build Coastguard Worker // Required. Value for parent. 82*d5c09012SAndroid Build Coastguard Worker string parent = 1 [ 83*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 84*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 85*d5c09012SAndroid Build Coastguard Worker child_type: "netapp.googleapis.com/KmsConfig" 86*d5c09012SAndroid Build Coastguard Worker } 87*d5c09012SAndroid Build Coastguard Worker ]; 88*d5c09012SAndroid Build Coastguard Worker 89*d5c09012SAndroid Build Coastguard Worker // Required. Id of the requesting KmsConfig 90*d5c09012SAndroid Build Coastguard Worker // If auto-generating Id server-side, remove this field and 91*d5c09012SAndroid Build Coastguard Worker // id from the method_signature of Create RPC 92*d5c09012SAndroid Build Coastguard Worker string kms_config_id = 2 [(google.api.field_behavior) = REQUIRED]; 93*d5c09012SAndroid Build Coastguard Worker 94*d5c09012SAndroid Build Coastguard Worker // Required. The required parameters to create a new KmsConfig. 95*d5c09012SAndroid Build Coastguard Worker KmsConfig kms_config = 3 [(google.api.field_behavior) = REQUIRED]; 96*d5c09012SAndroid Build Coastguard Worker} 97*d5c09012SAndroid Build Coastguard Worker 98*d5c09012SAndroid Build Coastguard Worker// UpdateKmsConfigRequest updates a KMS Config. 99*d5c09012SAndroid Build Coastguard Workermessage UpdateKmsConfigRequest { 100*d5c09012SAndroid Build Coastguard Worker // Required. Field mask is used to specify the fields to be overwritten in the 101*d5c09012SAndroid Build Coastguard Worker // KmsConfig resource by the update. 102*d5c09012SAndroid Build Coastguard Worker // The fields specified in the update_mask are relative to the resource, not 103*d5c09012SAndroid Build Coastguard Worker // the full request. A field will be overwritten if it is in the mask. If the 104*d5c09012SAndroid Build Coastguard Worker // user does not provide a mask then all fields will be overwritten. 105*d5c09012SAndroid Build Coastguard Worker google.protobuf.FieldMask update_mask = 1 106*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = REQUIRED]; 107*d5c09012SAndroid Build Coastguard Worker 108*d5c09012SAndroid Build Coastguard Worker // Required. The KmsConfig being updated 109*d5c09012SAndroid Build Coastguard Worker KmsConfig kms_config = 2 [(google.api.field_behavior) = REQUIRED]; 110*d5c09012SAndroid Build Coastguard Worker} 111*d5c09012SAndroid Build Coastguard Worker 112*d5c09012SAndroid Build Coastguard Worker// DeleteKmsConfigRequest deletes a KMS Config. 113*d5c09012SAndroid Build Coastguard Workermessage DeleteKmsConfigRequest { 114*d5c09012SAndroid Build Coastguard Worker // Required. Name of the KmsConfig. 115*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 116*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 117*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 118*d5c09012SAndroid Build Coastguard Worker type: "netapp.googleapis.com/KmsConfig" 119*d5c09012SAndroid Build Coastguard Worker } 120*d5c09012SAndroid Build Coastguard Worker ]; 121*d5c09012SAndroid Build Coastguard Worker} 122*d5c09012SAndroid Build Coastguard Worker 123*d5c09012SAndroid Build Coastguard Worker// EncryptVolumesRequest specifies the KMS config to encrypt existing volumes. 124*d5c09012SAndroid Build Coastguard Workermessage EncryptVolumesRequest { 125*d5c09012SAndroid Build Coastguard Worker // Required. Name of the KmsConfig. 126*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 127*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 128*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 129*d5c09012SAndroid Build Coastguard Worker type: "netapp.googleapis.com/KmsConfig" 130*d5c09012SAndroid Build Coastguard Worker } 131*d5c09012SAndroid Build Coastguard Worker ]; 132*d5c09012SAndroid Build Coastguard Worker} 133*d5c09012SAndroid Build Coastguard Worker 134*d5c09012SAndroid Build Coastguard Worker// VerifyKmsConfigRequest specifies the KMS config to be validated. 135*d5c09012SAndroid Build Coastguard Workermessage VerifyKmsConfigRequest { 136*d5c09012SAndroid Build Coastguard Worker // Required. Name of the KMS Config to be verified. 137*d5c09012SAndroid Build Coastguard Worker string name = 1 [ 138*d5c09012SAndroid Build Coastguard Worker (google.api.field_behavior) = REQUIRED, 139*d5c09012SAndroid Build Coastguard Worker (google.api.resource_reference) = { 140*d5c09012SAndroid Build Coastguard Worker type: "netapp.googleapis.com/KmsConfig" 141*d5c09012SAndroid Build Coastguard Worker } 142*d5c09012SAndroid Build Coastguard Worker ]; 143*d5c09012SAndroid Build Coastguard Worker} 144*d5c09012SAndroid Build Coastguard Worker 145*d5c09012SAndroid Build Coastguard Worker// VerifyKmsConfigResponse contains the information if the config is correctly 146*d5c09012SAndroid Build Coastguard Worker// and error message. 147*d5c09012SAndroid Build Coastguard Workermessage VerifyKmsConfigResponse { 148*d5c09012SAndroid Build Coastguard Worker // Output only. If the customer key configured correctly to the encrypt 149*d5c09012SAndroid Build Coastguard Worker // volume. 150*d5c09012SAndroid Build Coastguard Worker bool healthy = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 151*d5c09012SAndroid Build Coastguard Worker 152*d5c09012SAndroid Build Coastguard Worker // Output only. Error message if config is not healthy. 153*d5c09012SAndroid Build Coastguard Worker string health_error = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 154*d5c09012SAndroid Build Coastguard Worker 155*d5c09012SAndroid Build Coastguard Worker // Output only. Instructions for the customers to provide the access to the 156*d5c09012SAndroid Build Coastguard Worker // encryption key. 157*d5c09012SAndroid Build Coastguard Worker string instructions = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 158*d5c09012SAndroid Build Coastguard Worker} 159*d5c09012SAndroid Build Coastguard Worker 160*d5c09012SAndroid Build Coastguard Worker// KmsConfig is the customer managed encryption key(CMEK) configuration. 161*d5c09012SAndroid Build Coastguard Workermessage KmsConfig { 162*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 163*d5c09012SAndroid Build Coastguard Worker type: "netapp.googleapis.com/KmsConfig" 164*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/locations/{location}/kmsConfigs/{kms_config}" 165*d5c09012SAndroid Build Coastguard Worker plural: "kmsConfigs" 166*d5c09012SAndroid Build Coastguard Worker singular: "kmsConfig" 167*d5c09012SAndroid Build Coastguard Worker }; 168*d5c09012SAndroid Build Coastguard Worker 169*d5c09012SAndroid Build Coastguard Worker // The KmsConfig States 170*d5c09012SAndroid Build Coastguard Worker enum State { 171*d5c09012SAndroid Build Coastguard Worker // Unspecified KmsConfig State 172*d5c09012SAndroid Build Coastguard Worker STATE_UNSPECIFIED = 0; 173*d5c09012SAndroid Build Coastguard Worker 174*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Ready 175*d5c09012SAndroid Build Coastguard Worker READY = 1; 176*d5c09012SAndroid Build Coastguard Worker 177*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Creating 178*d5c09012SAndroid Build Coastguard Worker CREATING = 2; 179*d5c09012SAndroid Build Coastguard Worker 180*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Deleting 181*d5c09012SAndroid Build Coastguard Worker DELETING = 3; 182*d5c09012SAndroid Build Coastguard Worker 183*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Updating 184*d5c09012SAndroid Build Coastguard Worker UPDATING = 4; 185*d5c09012SAndroid Build Coastguard Worker 186*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is In Use. 187*d5c09012SAndroid Build Coastguard Worker IN_USE = 5; 188*d5c09012SAndroid Build Coastguard Worker 189*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Error 190*d5c09012SAndroid Build Coastguard Worker ERROR = 6; 191*d5c09012SAndroid Build Coastguard Worker 192*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Pending to verify crypto key access. 193*d5c09012SAndroid Build Coastguard Worker KEY_CHECK_PENDING = 7; 194*d5c09012SAndroid Build Coastguard Worker 195*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Not accessbile by the SDE service account to the 196*d5c09012SAndroid Build Coastguard Worker // crypto key. 197*d5c09012SAndroid Build Coastguard Worker KEY_NOT_REACHABLE = 8; 198*d5c09012SAndroid Build Coastguard Worker 199*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Disabling. 200*d5c09012SAndroid Build Coastguard Worker DISABLING = 9; 201*d5c09012SAndroid Build Coastguard Worker 202*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Disabled. 203*d5c09012SAndroid Build Coastguard Worker DISABLED = 10; 204*d5c09012SAndroid Build Coastguard Worker 205*d5c09012SAndroid Build Coastguard Worker // KmsConfig State is Migrating. 206*d5c09012SAndroid Build Coastguard Worker // The existing volumes are migrating from SMEK to CMEK. 207*d5c09012SAndroid Build Coastguard Worker MIGRATING = 11; 208*d5c09012SAndroid Build Coastguard Worker } 209*d5c09012SAndroid Build Coastguard Worker 210*d5c09012SAndroid Build Coastguard Worker // Identifier. Name of the KmsConfig. 211*d5c09012SAndroid Build Coastguard Worker string name = 1 [(google.api.field_behavior) = IDENTIFIER]; 212*d5c09012SAndroid Build Coastguard Worker 213*d5c09012SAndroid Build Coastguard Worker // Required. Customer managed crypto key resource full name. Format: 214*d5c09012SAndroid Build Coastguard Worker // projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{key}. 215*d5c09012SAndroid Build Coastguard Worker string crypto_key_name = 2 [(google.api.field_behavior) = REQUIRED]; 216*d5c09012SAndroid Build Coastguard Worker 217*d5c09012SAndroid Build Coastguard Worker // Output only. State of the KmsConfig. 218*d5c09012SAndroid Build Coastguard Worker State state = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 219*d5c09012SAndroid Build Coastguard Worker 220*d5c09012SAndroid Build Coastguard Worker // Output only. State details of the KmsConfig. 221*d5c09012SAndroid Build Coastguard Worker string state_details = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 222*d5c09012SAndroid Build Coastguard Worker 223*d5c09012SAndroid Build Coastguard Worker // Output only. Create time of the KmsConfig. 224*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp create_time = 5 225*d5c09012SAndroid Build Coastguard Worker [(google.api.field_behavior) = OUTPUT_ONLY]; 226*d5c09012SAndroid Build Coastguard Worker 227*d5c09012SAndroid Build Coastguard Worker // Description of the KmsConfig. 228*d5c09012SAndroid Build Coastguard Worker string description = 6; 229*d5c09012SAndroid Build Coastguard Worker 230*d5c09012SAndroid Build Coastguard Worker // Labels as key value pairs 231*d5c09012SAndroid Build Coastguard Worker map<string, string> labels = 7; 232*d5c09012SAndroid Build Coastguard Worker 233*d5c09012SAndroid Build Coastguard Worker // Output only. Instructions to provide the access to the customer provided 234*d5c09012SAndroid Build Coastguard Worker // encryption key. 235*d5c09012SAndroid Build Coastguard Worker string instructions = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; 236*d5c09012SAndroid Build Coastguard Worker 237*d5c09012SAndroid Build Coastguard Worker // Output only. The Service account which will have access to the customer 238*d5c09012SAndroid Build Coastguard Worker // provided encryption key. 239*d5c09012SAndroid Build Coastguard Worker string service_account = 9 [(google.api.field_behavior) = OUTPUT_ONLY]; 240*d5c09012SAndroid Build Coastguard Worker} 241