1// Copyright 2021 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.osconfig.v1alpha; 18 19import "google/api/field_behavior.proto"; 20import "google/api/resource.proto"; 21import "google/cloud/osconfig/v1alpha/os_policy.proto"; 22import "google/cloud/osconfig/v1alpha/osconfig_common.proto"; 23import "google/protobuf/duration.proto"; 24import "google/protobuf/field_mask.proto"; 25import "google/protobuf/timestamp.proto"; 26 27option csharp_namespace = "Google.Cloud.OsConfig.V1Alpha"; 28option go_package = "cloud.google.com/go/osconfig/apiv1alpha/osconfigpb;osconfigpb"; 29option java_multiple_files = true; 30option java_outer_classname = "OsPolicyAssignmentsProto"; 31option java_package = "com.google.cloud.osconfig.v1alpha"; 32option php_namespace = "Google\\Cloud\\OsConfig\\V1alpha"; 33option ruby_package = "Google::Cloud::OsConfig::V1alpha"; 34 35// OS policy assignment is an API resource that is used to 36// apply a set of OS policies to a dynamically targeted group of Compute Engine 37// VM instances. 38// 39// An OS policy is used to define the desired state configuration for a 40// Compute Engine VM instance through a set of configuration resources that 41// provide capabilities such as installing or removing software packages, or 42// executing a script. 43// 44// For more information, see [OS policy and OS policy 45// assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies). 46message OSPolicyAssignment { 47 option (google.api.resource) = { 48 type: "osconfig.googleapis.com/OSPolicyAssignment" 49 pattern: "projects/{project}/locations/{location}/osPolicyAssignments/{os_policy_assignment}" 50 }; 51 52 // Message representing label set. 53 // * A label is a key value pair set for a VM. 54 // * A LabelSet is a set of labels. 55 // * Labels within a LabelSet are ANDed. In other words, a LabelSet is 56 // applicable for a VM only if it matches all the labels in the 57 // LabelSet. 58 // * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will 59 // only be applicable for those VMs with both labels 60 // present. 61 message LabelSet { 62 // Labels are identified by key/value pairs in this map. 63 // A VM should contain all the key/value pairs specified in this 64 // map to be selected. 65 map<string, string> labels = 1; 66 } 67 68 // Filters to select target VMs for an assignment. 69 // 70 // If more than one filter criteria is specified below, a VM will be selected 71 // if and only if it satisfies all of them. 72 message InstanceFilter { 73 // VM inventory details. 74 message Inventory { 75 // Required. The OS short name 76 string os_short_name = 1 [(google.api.field_behavior) = REQUIRED]; 77 78 // The OS version 79 // 80 // Prefix matches are supported if asterisk(*) is provided as the 81 // last character. For example, to match all versions with a major 82 // version of `7`, specify the following value for this field `7.*` 83 // 84 // An empty string matches all OS versions. 85 string os_version = 2; 86 } 87 88 // Target all VMs in the project. If true, no other criteria is 89 // permitted. 90 bool all = 1; 91 92 // Deprecated. Use the `inventories` field instead. 93 // A VM is selected if it's OS short name matches with any of the 94 // values provided in this list. 95 repeated string os_short_names = 2 [deprecated = true]; 96 97 // List of label sets used for VM inclusion. 98 // 99 // If the list has more than one `LabelSet`, the VM is included if any 100 // of the label sets are applicable for the VM. 101 repeated LabelSet inclusion_labels = 3; 102 103 // List of label sets used for VM exclusion. 104 // 105 // If the list has more than one label set, the VM is excluded if any 106 // of the label sets are applicable for the VM. 107 repeated LabelSet exclusion_labels = 4; 108 109 // List of inventories to select VMs. 110 // 111 // A VM is selected if its inventory data matches at least one of the 112 // following inventories. 113 repeated Inventory inventories = 5; 114 } 115 116 // Message to configure the rollout at the zonal level for the OS policy 117 // assignment. 118 message Rollout { 119 // Required. The maximum number (or percentage) of VMs per zone to disrupt at 120 // any given moment. 121 FixedOrPercent disruption_budget = 1 [(google.api.field_behavior) = REQUIRED]; 122 123 // Required. This determines the minimum duration of time to wait after the 124 // configuration changes are applied through the current rollout. A 125 // VM continues to count towards the `disruption_budget` at least 126 // until this duration of time has passed after configuration changes are 127 // applied. 128 google.protobuf.Duration min_wait_duration = 2 [(google.api.field_behavior) = REQUIRED]; 129 } 130 131 // OS policy assignment rollout state 132 enum RolloutState { 133 // Invalid value 134 ROLLOUT_STATE_UNSPECIFIED = 0; 135 136 // The rollout is in progress. 137 IN_PROGRESS = 1; 138 139 // The rollout is being cancelled. 140 CANCELLING = 2; 141 142 // The rollout is cancelled. 143 CANCELLED = 3; 144 145 // The rollout has completed successfully. 146 SUCCEEDED = 4; 147 } 148 149 // Resource name. 150 // 151 // Format: 152 // `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}` 153 // 154 // This field is ignored when you create an OS policy assignment. 155 string name = 1; 156 157 // OS policy assignment description. 158 // Length of the description is limited to 1024 characters. 159 string description = 2; 160 161 // Required. List of OS policies to be applied to the VMs. 162 repeated OSPolicy os_policies = 3 [(google.api.field_behavior) = REQUIRED]; 163 164 // Required. Filter to select VMs. 165 InstanceFilter instance_filter = 4 [(google.api.field_behavior) = REQUIRED]; 166 167 // Required. Rollout to deploy the OS policy assignment. 168 // A rollout is triggered in the following situations: 169 // 1) OSPolicyAssignment is created. 170 // 2) OSPolicyAssignment is updated and the update contains changes to one of 171 // the following fields: 172 // - instance_filter 173 // - os_policies 174 // 3) OSPolicyAssignment is deleted. 175 Rollout rollout = 5 [(google.api.field_behavior) = REQUIRED]; 176 177 // Output only. The assignment revision ID 178 // A new revision is committed whenever a rollout is triggered for a OS policy 179 // assignment 180 string revision_id = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; 181 182 // Output only. The timestamp that the revision was created. 183 google.protobuf.Timestamp revision_create_time = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; 184 185 // The etag for this OS policy assignment. 186 // If this is provided on update, it must match the server's etag. 187 string etag = 8; 188 189 // Output only. OS policy assignment rollout state 190 RolloutState rollout_state = 9 [(google.api.field_behavior) = OUTPUT_ONLY]; 191 192 // Output only. Indicates that this revision has been successfully rolled out in this zone 193 // and new VMs will be assigned OS policies from this revision. 194 // 195 // For a given OS policy assignment, there is only one revision with a value 196 // of `true` for this field. 197 bool baseline = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; 198 199 // Output only. Indicates that this revision deletes the OS policy assignment. 200 bool deleted = 11 [(google.api.field_behavior) = OUTPUT_ONLY]; 201 202 // Output only. Indicates that reconciliation is in progress for the revision. 203 // This value is `true` when the `rollout_state` is one of: 204 // * IN_PROGRESS 205 // * CANCELLING 206 bool reconciling = 12 [(google.api.field_behavior) = OUTPUT_ONLY]; 207 208 // Output only. Server generated unique id for the OS policy assignment resource. 209 string uid = 13 [(google.api.field_behavior) = OUTPUT_ONLY]; 210} 211 212// OS policy assignment operation metadata provided by OS policy assignment API 213// methods that return long running operations. 214message OSPolicyAssignmentOperationMetadata { 215 // The OS policy assignment API method. 216 enum APIMethod { 217 // Invalid value 218 API_METHOD_UNSPECIFIED = 0; 219 220 // Create OS policy assignment API method 221 CREATE = 1; 222 223 // Update OS policy assignment API method 224 UPDATE = 2; 225 226 // Delete OS policy assignment API method 227 DELETE = 3; 228 } 229 230 // State of the rollout 231 enum RolloutState { 232 // Invalid value 233 ROLLOUT_STATE_UNSPECIFIED = 0; 234 235 // The rollout is in progress. 236 IN_PROGRESS = 1; 237 238 // The rollout is being cancelled. 239 CANCELLING = 2; 240 241 // The rollout is cancelled. 242 CANCELLED = 3; 243 244 // The rollout has completed successfully. 245 SUCCEEDED = 4; 246 } 247 248 // Reference to the `OSPolicyAssignment` API resource. 249 // 250 // Format: 251 // `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}` 252 string os_policy_assignment = 1 [(google.api.resource_reference) = { 253 type: "osconfig.googleapis.com/OSPolicyAssignment" 254 }]; 255 256 // The OS policy assignment API method. 257 APIMethod api_method = 2; 258 259 // State of the rollout 260 RolloutState rollout_state = 3; 261 262 // Rollout start time 263 google.protobuf.Timestamp rollout_start_time = 4; 264 265 // Rollout update time 266 google.protobuf.Timestamp rollout_update_time = 5; 267} 268 269// A request message to create an OS policy assignment 270message CreateOSPolicyAssignmentRequest { 271 // Required. The parent resource name in the form: 272 // projects/{project}/locations/{location} 273 string parent = 1 [ 274 (google.api.field_behavior) = REQUIRED, 275 (google.api.resource_reference) = { 276 type: "locations.googleapis.com/Location" 277 } 278 ]; 279 280 // Required. The OS policy assignment to be created. 281 OSPolicyAssignment os_policy_assignment = 2 [(google.api.field_behavior) = REQUIRED]; 282 283 // Required. The logical name of the OS policy assignment in the project 284 // with the following restrictions: 285 // 286 // * Must contain only lowercase letters, numbers, and hyphens. 287 // * Must start with a letter. 288 // * Must be between 1-63 characters. 289 // * Must end with a number or a letter. 290 // * Must be unique within the project. 291 string os_policy_assignment_id = 3 [(google.api.field_behavior) = REQUIRED]; 292} 293 294// A request message to update an OS policy assignment 295message UpdateOSPolicyAssignmentRequest { 296 // Required. The updated OS policy assignment. 297 OSPolicyAssignment os_policy_assignment = 1 [(google.api.field_behavior) = REQUIRED]; 298 299 // Optional. Field mask that controls which fields of the assignment should be updated. 300 google.protobuf.FieldMask update_mask = 2 [(google.api.field_behavior) = OPTIONAL]; 301} 302 303// A request message to get an OS policy assignment 304message GetOSPolicyAssignmentRequest { 305 // Required. The resource name of OS policy assignment. 306 // 307 // Format: 308 // `projects/{project}/locations/{location}/osPolicyAssignments/{os_policy_assignment}@{revisionId}` 309 string name = 1 [ 310 (google.api.field_behavior) = REQUIRED, 311 (google.api.resource_reference) = { 312 type: "osconfig.googleapis.com/OSPolicyAssignment" 313 } 314 ]; 315} 316 317// A request message to list OS policy assignments for a parent resource 318message ListOSPolicyAssignmentsRequest { 319 // Required. The parent resource name. 320 string parent = 1 [ 321 (google.api.field_behavior) = REQUIRED, 322 (google.api.resource_reference) = { 323 type: "locations.googleapis.com/Location" 324 } 325 ]; 326 327 // The maximum number of assignments to return. 328 int32 page_size = 2; 329 330 // A pagination token returned from a previous call to 331 // `ListOSPolicyAssignments` that indicates where this listing should continue 332 // from. 333 string page_token = 3; 334} 335 336// A response message for listing all assignments under given parent. 337message ListOSPolicyAssignmentsResponse { 338 // The list of assignments 339 repeated OSPolicyAssignment os_policy_assignments = 1; 340 341 // The pagination token to retrieve the next page of OS policy assignments. 342 string next_page_token = 2; 343} 344 345// A request message to list revisions for a OS policy assignment 346message ListOSPolicyAssignmentRevisionsRequest { 347 // Required. The name of the OS policy assignment to list revisions for. 348 string name = 1 [ 349 (google.api.field_behavior) = REQUIRED, 350 (google.api.resource_reference) = { 351 type: "osconfig.googleapis.com/OSPolicyAssignment" 352 } 353 ]; 354 355 // The maximum number of revisions to return. 356 int32 page_size = 2; 357 358 // A pagination token returned from a previous call to 359 // `ListOSPolicyAssignmentRevisions` that indicates where this listing should 360 // continue from. 361 string page_token = 3; 362} 363 364// A response message for listing all revisions for a OS policy assignment. 365message ListOSPolicyAssignmentRevisionsResponse { 366 // The OS policy assignment revisions 367 repeated OSPolicyAssignment os_policy_assignments = 1; 368 369 // The pagination token to retrieve the next page of OS policy assignment 370 // revisions. 371 string next_page_token = 2; 372} 373 374// A request message for deleting a OS policy assignment. 375message DeleteOSPolicyAssignmentRequest { 376 // Required. The name of the OS policy assignment to be deleted 377 string name = 1 [ 378 (google.api.field_behavior) = REQUIRED, 379 (google.api.resource_reference) = { 380 type: "osconfig.googleapis.com/OSPolicyAssignment" 381 } 382 ]; 383} 384