1// Copyright 2021 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.osconfig.v1; 18 19import "google/api/field_behavior.proto"; 20import "google/api/resource.proto"; 21import "google/cloud/osconfig/v1/os_policy.proto"; 22import "google/cloud/osconfig/v1/osconfig_common.proto"; 23import "google/protobuf/duration.proto"; 24import "google/protobuf/field_mask.proto"; 25import "google/protobuf/timestamp.proto"; 26 27option csharp_namespace = "Google.Cloud.OsConfig.V1"; 28option go_package = "cloud.google.com/go/osconfig/apiv1/osconfigpb;osconfigpb"; 29option java_multiple_files = true; 30option java_outer_classname = "OsPolicyAssignmentsProto"; 31option java_package = "com.google.cloud.osconfig.v1"; 32option php_namespace = "Google\\Cloud\\OsConfig\\V1"; 33option ruby_package = "Google::Cloud::OsConfig::V1"; 34 35// OS policy assignment is an API resource that is used to 36// apply a set of OS policies to a dynamically targeted group of Compute Engine 37// VM instances. 38// 39// An OS policy is used to define the desired state configuration for a 40// Compute Engine VM instance through a set of configuration resources that 41// provide capabilities such as installing or removing software packages, or 42// executing a script. 43// 44// For more information, see [OS policy and OS policy 45// assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies). 46message OSPolicyAssignment { 47 option (google.api.resource) = { 48 type: "osconfig.googleapis.com/OSPolicyAssignment" 49 pattern: "projects/{project}/locations/{location}/osPolicyAssignments/{os_policy_assignment}" 50 }; 51 52 // Message representing label set. 53 // * A label is a key value pair set for a VM. 54 // * A LabelSet is a set of labels. 55 // * Labels within a LabelSet are ANDed. In other words, a LabelSet is 56 // applicable for a VM only if it matches all the labels in the 57 // LabelSet. 58 // * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will 59 // only be applicable for those VMs with both labels 60 // present. 61 message LabelSet { 62 // Labels are identified by key/value pairs in this map. 63 // A VM should contain all the key/value pairs specified in this 64 // map to be selected. 65 map<string, string> labels = 1; 66 } 67 68 // Filters to select target VMs for an assignment. 69 // 70 // If more than one filter criteria is specified below, a VM will be selected 71 // if and only if it satisfies all of them. 72 message InstanceFilter { 73 // VM inventory details. 74 message Inventory { 75 // Required. The OS short name 76 string os_short_name = 1 [(google.api.field_behavior) = REQUIRED]; 77 78 // The OS version 79 // 80 // Prefix matches are supported if asterisk(*) is provided as the 81 // last character. For example, to match all versions with a major 82 // version of `7`, specify the following value for this field `7.*` 83 // 84 // An empty string matches all OS versions. 85 string os_version = 2; 86 } 87 88 // Target all VMs in the project. If true, no other criteria is 89 // permitted. 90 bool all = 1; 91 92 // List of label sets used for VM inclusion. 93 // 94 // If the list has more than one `LabelSet`, the VM is included if any 95 // of the label sets are applicable for the VM. 96 repeated LabelSet inclusion_labels = 2; 97 98 // List of label sets used for VM exclusion. 99 // 100 // If the list has more than one label set, the VM is excluded if any 101 // of the label sets are applicable for the VM. 102 repeated LabelSet exclusion_labels = 3; 103 104 // List of inventories to select VMs. 105 // 106 // A VM is selected if its inventory data matches at least one of the 107 // following inventories. 108 repeated Inventory inventories = 4; 109 } 110 111 // Message to configure the rollout at the zonal level for the OS policy 112 // assignment. 113 message Rollout { 114 // Required. The maximum number (or percentage) of VMs per zone to disrupt 115 // at any given moment. 116 FixedOrPercent disruption_budget = 1 117 [(google.api.field_behavior) = REQUIRED]; 118 119 // Required. This determines the minimum duration of time to wait after the 120 // configuration changes are applied through the current rollout. A 121 // VM continues to count towards the `disruption_budget` at least 122 // until this duration of time has passed after configuration changes are 123 // applied. 124 google.protobuf.Duration min_wait_duration = 2 125 [(google.api.field_behavior) = REQUIRED]; 126 } 127 128 // OS policy assignment rollout state 129 enum RolloutState { 130 // Invalid value 131 ROLLOUT_STATE_UNSPECIFIED = 0; 132 133 // The rollout is in progress. 134 IN_PROGRESS = 1; 135 136 // The rollout is being cancelled. 137 CANCELLING = 2; 138 139 // The rollout is cancelled. 140 CANCELLED = 3; 141 142 // The rollout has completed successfully. 143 SUCCEEDED = 4; 144 } 145 146 // Resource name. 147 // 148 // Format: 149 // `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` 150 // 151 // This field is ignored when you create an OS policy assignment. 152 string name = 1; 153 154 // OS policy assignment description. 155 // Length of the description is limited to 1024 characters. 156 string description = 2; 157 158 // Required. List of OS policies to be applied to the VMs. 159 repeated OSPolicy os_policies = 3 [(google.api.field_behavior) = REQUIRED]; 160 161 // Required. Filter to select VMs. 162 InstanceFilter instance_filter = 4 [(google.api.field_behavior) = REQUIRED]; 163 164 // Required. Rollout to deploy the OS policy assignment. 165 // A rollout is triggered in the following situations: 166 // 1) OSPolicyAssignment is created. 167 // 2) OSPolicyAssignment is updated and the update contains changes to one of 168 // the following fields: 169 // - instance_filter 170 // - os_policies 171 // 3) OSPolicyAssignment is deleted. 172 Rollout rollout = 5 [(google.api.field_behavior) = REQUIRED]; 173 174 // Output only. The assignment revision ID 175 // A new revision is committed whenever a rollout is triggered for a OS policy 176 // assignment 177 string revision_id = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; 178 179 // Output only. The timestamp that the revision was created. 180 google.protobuf.Timestamp revision_create_time = 7 181 [(google.api.field_behavior) = OUTPUT_ONLY]; 182 183 // The etag for this OS policy assignment. 184 // If this is provided on update, it must match the server's etag. 185 string etag = 8; 186 187 // Output only. OS policy assignment rollout state 188 RolloutState rollout_state = 9 [(google.api.field_behavior) = OUTPUT_ONLY]; 189 190 // Output only. Indicates that this revision has been successfully rolled out 191 // in this zone and new VMs will be assigned OS policies from this revision. 192 // 193 // For a given OS policy assignment, there is only one revision with a value 194 // of `true` for this field. 195 bool baseline = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; 196 197 // Output only. Indicates that this revision deletes the OS policy assignment. 198 bool deleted = 11 [(google.api.field_behavior) = OUTPUT_ONLY]; 199 200 // Output only. Indicates that reconciliation is in progress for the revision. 201 // This value is `true` when the `rollout_state` is one of: 202 // * IN_PROGRESS 203 // * CANCELLING 204 bool reconciling = 12 [(google.api.field_behavior) = OUTPUT_ONLY]; 205 206 // Output only. Server generated unique id for the OS policy assignment 207 // resource. 208 string uid = 13 [(google.api.field_behavior) = OUTPUT_ONLY]; 209} 210 211// OS policy assignment operation metadata provided by OS policy assignment API 212// methods that return long running operations. 213message OSPolicyAssignmentOperationMetadata { 214 // The OS policy assignment API method. 215 enum APIMethod { 216 // Invalid value 217 API_METHOD_UNSPECIFIED = 0; 218 219 // Create OS policy assignment API method 220 CREATE = 1; 221 222 // Update OS policy assignment API method 223 UPDATE = 2; 224 225 // Delete OS policy assignment API method 226 DELETE = 3; 227 } 228 229 // State of the rollout 230 enum RolloutState { 231 // Invalid value 232 ROLLOUT_STATE_UNSPECIFIED = 0; 233 234 // The rollout is in progress. 235 IN_PROGRESS = 1; 236 237 // The rollout is being cancelled. 238 CANCELLING = 2; 239 240 // The rollout is cancelled. 241 CANCELLED = 3; 242 243 // The rollout has completed successfully. 244 SUCCEEDED = 4; 245 } 246 247 // Reference to the `OSPolicyAssignment` API resource. 248 // 249 // Format: 250 // `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}` 251 string os_policy_assignment = 1 [(google.api.resource_reference) = { 252 type: "osconfig.googleapis.com/OSPolicyAssignment" 253 }]; 254 255 // The OS policy assignment API method. 256 APIMethod api_method = 2; 257 258 // State of the rollout 259 RolloutState rollout_state = 3; 260 261 // Rollout start time 262 google.protobuf.Timestamp rollout_start_time = 4; 263 264 // Rollout update time 265 google.protobuf.Timestamp rollout_update_time = 5; 266} 267 268// A request message to create an OS policy assignment 269message CreateOSPolicyAssignmentRequest { 270 // Required. The parent resource name in the form: 271 // projects/{project}/locations/{location} 272 string parent = 1 [ 273 (google.api.field_behavior) = REQUIRED, 274 (google.api.resource_reference) = { 275 type: "locations.googleapis.com/Location" 276 } 277 ]; 278 279 // Required. The OS policy assignment to be created. 280 OSPolicyAssignment os_policy_assignment = 2 281 [(google.api.field_behavior) = REQUIRED]; 282 283 // Required. The logical name of the OS policy assignment in the project 284 // with the following restrictions: 285 // 286 // * Must contain only lowercase letters, numbers, and hyphens. 287 // * Must start with a letter. 288 // * Must be between 1-63 characters. 289 // * Must end with a number or a letter. 290 // * Must be unique within the project. 291 string os_policy_assignment_id = 3 [(google.api.field_behavior) = REQUIRED]; 292} 293 294// A request message to update an OS policy assignment 295message UpdateOSPolicyAssignmentRequest { 296 // Required. The updated OS policy assignment. 297 OSPolicyAssignment os_policy_assignment = 1 298 [(google.api.field_behavior) = REQUIRED]; 299 300 // Optional. Field mask that controls which fields of the assignment should be 301 // updated. 302 google.protobuf.FieldMask update_mask = 2 303 [(google.api.field_behavior) = OPTIONAL]; 304} 305 306// A request message to get an OS policy assignment 307message GetOSPolicyAssignmentRequest { 308 // Required. The resource name of OS policy assignment. 309 // 310 // Format: 311 // `projects/{project}/locations/{location}/osPolicyAssignments/{os_policy_assignment}@{revisionId}` 312 string name = 1 [ 313 (google.api.field_behavior) = REQUIRED, 314 (google.api.resource_reference) = { 315 type: "osconfig.googleapis.com/OSPolicyAssignment" 316 } 317 ]; 318} 319 320// A request message to list OS policy assignments for a parent resource 321message ListOSPolicyAssignmentsRequest { 322 // Required. The parent resource name. 323 string parent = 1 [ 324 (google.api.field_behavior) = REQUIRED, 325 (google.api.resource_reference) = { 326 type: "locations.googleapis.com/Location" 327 } 328 ]; 329 330 // The maximum number of assignments to return. 331 int32 page_size = 2; 332 333 // A pagination token returned from a previous call to 334 // `ListOSPolicyAssignments` that indicates where this listing should continue 335 // from. 336 string page_token = 3; 337} 338 339// A response message for listing all assignments under given parent. 340message ListOSPolicyAssignmentsResponse { 341 // The list of assignments 342 repeated OSPolicyAssignment os_policy_assignments = 1; 343 344 // The pagination token to retrieve the next page of OS policy assignments. 345 string next_page_token = 2; 346} 347 348// A request message to list revisions for a OS policy assignment 349message ListOSPolicyAssignmentRevisionsRequest { 350 // Required. The name of the OS policy assignment to list revisions for. 351 string name = 1 [ 352 (google.api.field_behavior) = REQUIRED, 353 (google.api.resource_reference) = { 354 type: "osconfig.googleapis.com/OSPolicyAssignment" 355 } 356 ]; 357 358 // The maximum number of revisions to return. 359 int32 page_size = 2; 360 361 // A pagination token returned from a previous call to 362 // `ListOSPolicyAssignmentRevisions` that indicates where this listing should 363 // continue from. 364 string page_token = 3; 365} 366 367// A response message for listing all revisions for a OS policy assignment. 368message ListOSPolicyAssignmentRevisionsResponse { 369 // The OS policy assignment revisions 370 repeated OSPolicyAssignment os_policy_assignments = 1; 371 372 // The pagination token to retrieve the next page of OS policy assignment 373 // revisions. 374 string next_page_token = 2; 375} 376 377// A request message for deleting a OS policy assignment. 378message DeleteOSPolicyAssignmentRequest { 379 // Required. The name of the OS policy assignment to be deleted 380 string name = 1 [ 381 (google.api.field_behavior) = REQUIRED, 382 (google.api.resource_reference) = { 383 type: "osconfig.googleapis.com/OSPolicyAssignment" 384 } 385 ]; 386} 387