xuyiping
/
kpt-grpc-demo


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389
							// Copyright 2021 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package google.cloud.managedidentities.v1beta1;

import "google/api/annotations.proto";
import "google/api/client.proto";
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/cloud/managedidentities/v1beta1/resource.proto";
import "google/longrunning/operations.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/timestamp.proto";

option csharp_namespace = "Google.Cloud.ManagedIdentities.V1Beta1";
option go_package = "google.golang.org/genproto/googleapis/cloud/managedidentities/v1beta1;managedidentities";
option java_multiple_files = true;
option java_outer_classname = "ManagedIdentitiesServiceProto";
option java_package = "com.google.cloud.managedidentities.v1beta1";
option objc_class_prefix = "GCMI";
option php_namespace = "Google\\Cloud\\ManagedIdentities\\V1beta1";
option ruby_package = "Google::Cloud::ManagedIdentities::V1beta1";

service ManagedIdentitiesService {
  option (google.api.default_host) = "managedidentities.googleapis.com";
  option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";

  // Creates a Microsoft AD domain.
  rpc CreateMicrosoftAdDomain(CreateMicrosoftAdDomainRequest) returns (google.longrunning.Operation) {

    option (google.api.http) = {

      post: "/v1beta1/{parent=projects/*/locations/global}/domains"

      body: "domain"

    };
    option (google.api.method_signature) = "parent,domain_name,domain";
    option (google.longrunning.operation_info) = {
      response_type: "Domain"
      metadata_type: "OpMetadata"
    };
  }

  // Resets a domain's administrator password.
  rpc ResetAdminPassword(ResetAdminPasswordRequest) returns (ResetAdminPasswordResponse) {

    option (google.api.http) = {

      post: "/v1beta1/{name=projects/*/locations/global/domains/*}:resetAdminPassword"

      body: "*"

    };
    option (google.api.method_signature) = "name";
  }

  // Lists domains in a project.
  rpc ListDomains(ListDomainsRequest) returns (ListDomainsResponse) {

    option (google.api.http) = {

      get: "/v1beta1/{parent=projects/*/locations/global}/domains"

    };
    option (google.api.method_signature) = "parent";
  }

  // Gets information about a domain.
  rpc GetDomain(GetDomainRequest) returns (Domain) {

    option (google.api.http) = {

      get: "/v1beta1/{name=projects/*/locations/global/domains/*}"

    };
    option (google.api.method_signature) = "name";
  }

  // Updates the metadata and configuration of a domain.
  rpc UpdateDomain(UpdateDomainRequest) returns (google.longrunning.Operation) {

    option (google.api.http) = {

      patch: "/v1beta1/{domain.name=projects/*/locations/global/domains/*}"

      body: "domain"

    };
    option (google.api.method_signature) = "domain,update_mask";
    option (google.longrunning.operation_info) = {
      response_type: "Domain"
      metadata_type: "OpMetadata"
    };
  }

  // Deletes a domain.
  rpc DeleteDomain(DeleteDomainRequest) returns (google.longrunning.Operation) {

    option (google.api.http) = {

      delete: "/v1beta1/{name=projects/*/locations/global/domains/*}"

    };
    option (google.api.method_signature) = "name";
    option (google.longrunning.operation_info) = {
      response_type: "google.protobuf.Empty"
      metadata_type: "OpMetadata"
    };
  }

  // Adds an AD trust to a domain.
  rpc AttachTrust(AttachTrustRequest) returns (google.longrunning.Operation) {

    option (google.api.http) = {

      post: "/v1beta1/{name=projects/*/locations/global/domains/*}:attachTrust"

      body: "*"

    };
    option (google.api.method_signature) = "name,trust";
    option (google.longrunning.operation_info) = {
      response_type: "Domain"
      metadata_type: "OpMetadata"
    };
  }

  // Updates the DNS conditional forwarder.
  rpc ReconfigureTrust(ReconfigureTrustRequest) returns (google.longrunning.Operation) {

    option (google.api.http) = {

      post: "/v1beta1/{name=projects/*/locations/global/domains/*}:reconfigureTrust"

      body: "*"

    };
    option (google.api.method_signature) = "name,target_domain_name,target_dns_ip_addresses";
    option (google.longrunning.operation_info) = {
      response_type: "Domain"
      metadata_type: "OpMetadata"
    };
  }

  // Removes an AD trust.
  rpc DetachTrust(DetachTrustRequest) returns (google.longrunning.Operation) {

    option (google.api.http) = {

      post: "/v1beta1/{name=projects/*/locations/global/domains/*}:detachTrust"

      body: "*"

    };
    option (google.api.method_signature) = "name,trust";
    option (google.longrunning.operation_info) = {
      response_type: "Domain"
      metadata_type: "OpMetadata"
    };
  }

  // Validates a trust state, that the target domain is reachable, and that the
  // target domain is able to accept incoming trust requests.
  rpc ValidateTrust(ValidateTrustRequest) returns (google.longrunning.Operation) {

    option (google.api.http) = {

      post: "/v1beta1/{name=projects/*/locations/global/domains/*}:validateTrust"

      body: "*"

    };
    option (google.api.method_signature) = "name,trust";
    option (google.longrunning.operation_info) = {
      response_type: "Domain"
      metadata_type: "OpMetadata"
    };
  }
}

// Represents the metadata of the long-running operation.
message OpMetadata {
  // Output only. The time the operation was created.
  google.protobuf.Timestamp create_time = 1 [(google.api.field_behavior) = OUTPUT_ONLY];

  // Output only. The time the operation finished running.
  google.protobuf.Timestamp end_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY];

  // Output only. Server-defined resource path for the target of the operation.
  string target = 3 [(google.api.field_behavior) = OUTPUT_ONLY];

  // Output only. Name of the verb executed by the operation.
  string verb = 4 [(google.api.field_behavior) = OUTPUT_ONLY];

  // Output only. Identifies whether the user has requested cancellation
  // of the operation. Operations that have successfully been cancelled
  // have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
  // corresponding to `Code.CANCELLED`.
  bool requested_cancellation = 5 [(google.api.field_behavior) = OUTPUT_ONLY];

  // Output only. API version used to start the operation.
  string api_version = 6 [(google.api.field_behavior) = OUTPUT_ONLY];
}

// Request message for
// [CreateMicrosoftAdDomain][google.cloud.managedidentities.v1beta1.CreateMicrosoftAdDomain]
message CreateMicrosoftAdDomainRequest {
  // Required. The resource project name and location using the form:
  // `projects/{project_id}/locations/global`
  string parent = 1 [
    (google.api.field_behavior) = REQUIRED,
    (google.api.resource_reference) = {
      child_type: "managedidentities.googleapis.com/Domain"
    }
  ];

  // Required. A domain name, e.g. mydomain.myorg.com, with the following restrictions:
  //  * Must contain only lowercase letters, numbers, periods and hyphens.
  //  * Must start with a letter.
  //  * Must contain between 2-64 characters.
  //  * Must end with a number or a letter.
  //  * Must not start with period.
  //  * First segment length (mydomain form example above) shouldn't exceed
  //    15 chars.
  //  * The last segment cannot be fully numeric.
  //  * Must be unique within the customer project.
  string domain_name = 2 [(google.api.field_behavior) = REQUIRED];

  // Required. A Managed Identity domain resource.
  Domain domain = 3 [(google.api.field_behavior) = REQUIRED];
}

// Request message for
// [ResetAdminPassword][google.cloud.managedidentities.v1beta1.ResetAdminPassword]
message ResetAdminPasswordRequest {
  // Required. The domain resource name using the form:
  // `projects/{project_id}/locations/global/domains/{domain_name}`
  string name = 1 [
    (google.api.field_behavior) = REQUIRED,
    (google.api.resource_reference) = {
      type: "managedidentities.googleapis.com/Domain"
    }
  ];
}

// Response message for
// [ResetAdminPassword][google.cloud.managedidentities.v1beta1.ResetAdminPassword]
message ResetAdminPasswordResponse {
  // A random password. See [admin][google.cloud.managedidentities.v1beta1.Domain.admin] for more information.
  string password = 1;
}

// Request message for
// [ListDomains][google.cloud.managedidentities.v1beta1.ListDomains]
message ListDomainsRequest {
  // Required. The resource name of the domain location using the form:
  // `projects/{project_id}/locations/global`
  string parent = 1 [
    (google.api.field_behavior) = REQUIRED,
    (google.api.resource_reference) = {
      child_type: "managedidentities.googleapis.com/Domain"
    }
  ];

  // Optional. The maximum number of items to return.
  // If not specified, a default value of 1000 will be used.
  // Regardless of the page_size value, the response may include a partial list.
  // Callers should rely on a response's
  // [next_page_token][google.cloud.managedidentities.v1beta1.ListDomainsResponse.next_page_token]
  // to determine if there are additional results to list.
  int32 page_size = 2;

  // The `next_page_token` value returned from a previous ListDomainsRequest
  // request, if any.
  string page_token = 3;

  // Optional. A filter specifying constraints of a list operation.
  // For example, `Domain.fqdn="mydomain.myorginization"`.
  string filter = 4;

  // Optional. Specifies the ordering of results. See
  // [Sorting
  // order](https://cloud.google.com/apis/design/design_patterns#sorting_order)
  // for more information.
  string order_by = 5;
}

// Response message for
// [ListDomains][google.cloud.managedidentities.v1beta1.ListDomains]
message ListDomainsResponse {
  // A list of Managed Identities Service domains in the project.
  repeated Domain domains = 1;

  // A token to retrieve the next page of results, or empty if there are no more
  // results in the list.
  string next_page_token = 2;

  // A list of locations that could not be reached.
  repeated string unreachable = 3;
}

// Request message for
// [GetDomain][google.cloud.managedidentities.v1beta1.GetDomain]
message GetDomainRequest {
  // Required. The domain resource name using the form:
  // `projects/{project_id}/locations/global/domains/{domain_name}`
  string name = 1 [
    (google.api.field_behavior) = REQUIRED,
    (google.api.resource_reference) = {
      type: "managedidentities.googleapis.com/Domain"
    }
  ];
}

// Request message for
// [UpdateDomain][google.cloud.managedidentities.v1beta1.UpdateDomain]
message UpdateDomainRequest {
  // Required. Mask of fields to update. At least one path must be supplied in this
  // field. The elements of the repeated paths field may only include
  // fields from [Domain][google.cloud.managedidentities.v1beta1.Domain]:
  //  * `labels`
  //  * `locations`
  //  * `authorized_networks`
  //  * `audit_logs_enabled`
  google.protobuf.FieldMask update_mask = 1 [(google.api.field_behavior) = REQUIRED];

  // Required. Domain message with updated fields. Only supported fields specified in
  // update_mask are updated.
  Domain domain = 2 [(google.api.field_behavior) = REQUIRED];
}

// Request message for
// [DeleteDomain][google.cloud.managedidentities.v1beta1.DeleteDomain]
message DeleteDomainRequest {
  // Required. The domain resource name using the form:
  // `projects/{project_id}/locations/global/domains/{domain_name}`
  string name = 1 [
    (google.api.field_behavior) = REQUIRED,
    (google.api.resource_reference) = {
      type: "managedidentities.googleapis.com/Domain"
    }
  ];
}

// Request message for
// [AttachTrust][google.cloud.managedidentities.v1beta1.AttachTrust]
message AttachTrustRequest {
  // Required. The resource domain name, project name and location using the form:
  // `projects/{project_id}/locations/global/domains/{domain_name}`
  string name = 1 [
    (google.api.field_behavior) = REQUIRED,
    (google.api.resource_reference) = {
      type: "managedidentities.googleapis.com/Domain"
    }
  ];

  // Required. The domain trust resource.
  Trust trust = 2 [(google.api.field_behavior) = REQUIRED];
}

// Request message for
// [ReconfigureTrust][google.cloud.managedidentities.v1beta1.ReconfigureTrust]
message ReconfigureTrustRequest {
  // Required. The resource domain name, project name and location using the form:
  // `projects/{project_id}/locations/global/domains/{domain_name}`
  string name = 1 [
    (google.api.field_behavior) = REQUIRED,
    (google.api.resource_reference) = {
      type: "managedidentities.googleapis.com/Domain"
    }
  ];

  // Required. The fully-qualified target domain name which will be in trust with current
  // domain.
  string target_domain_name = 2 [(google.api.field_behavior) = REQUIRED];

  // Required. The target DNS server IP addresses to resolve the remote domain involved
  // in the trust.
  repeated string target_dns_ip_addresses = 3 [(google.api.field_behavior) = REQUIRED];
}

// Request message for
// [DetachTrust][google.cloud.managedidentities.v1beta1.DetachTrust]
message DetachTrustRequest {
  // Required. The resource domain name, project name, and location using the form:
  // `projects/{project_id}/locations/global/domains/{domain_name}`
  string name = 1 [
    (google.api.field_behavior) = REQUIRED,
    (google.api.resource_reference) = {
      type: "managedidentities.googleapis.com/Domain"
    }
  ];

  // Required. The domain trust resource to removed.
  Trust trust = 2 [(google.api.field_behavior) = REQUIRED];
}

// Request message for
// [ValidateTrust][google.cloud.managedidentities.v1beta1.ValidateTrust]
message ValidateTrustRequest {
  // Required. The resource domain name, project name, and location using the form:
  // `projects/{project_id}/locations/global/domains/{domain_name}`
  string name = 1 [
    (google.api.field_behavior) = REQUIRED,
    (google.api.resource_reference) = {
      type: "managedidentities.googleapis.com/Domain"
    }
  ];

  // Required. The domain trust to validate trust state for.
  Trust trust = 2 [(google.api.field_behavior) = REQUIRED];
}