// Copyright 2022 Luca Casonato. All rights reserved. MIT license. /** * Cloud Controls Partner API Client for Deno * ========================================== * * Provides insights about your customers and their Assured Workloads based on your Sovereign Controls by Partners offering. * * Docs: https://cloud.google.com/sovereign-controls-by-partners/docs/sovereign-partners/reference/rest * Source: https://googleapis.deno.dev/v1/cloudcontrolspartner:v1.ts */ import { auth, CredentialsClient, GoogleAuth, request } from "/_/base@v1/mod.ts"; export { auth, GoogleAuth }; export type { CredentialsClient }; /** * Provides insights about your customers and their Assured Workloads based on * your Sovereign Controls by Partners offering. */ export class CloudControlsPartner { #client: CredentialsClient | undefined; #baseUrl: string; constructor(client?: CredentialsClient, baseUrl: string = "https://cloudcontrolspartner.googleapis.com/") { this.#client = client; this.#baseUrl = baseUrl; } /** * Creates a new customer. * * @param parent Required. Parent resource Format: `organizations/{organization}/locations/{location}` */ async organizationsLocationsCustomersCreate(parent: string, req: Customer, opts: OrganizationsLocationsCustomersCreateOptions = {}): Promise { const url = new URL(`${this.#baseUrl}v1/${ parent }/customers`); if (opts.customerId !== undefined) { url.searchParams.append("customerId", String(opts.customerId)); } const body = JSON.stringify(req); const data = await request(url.href, { client: this.#client, method: "POST", body, }); return data as Customer; } /** * Delete details of a single customer * * @param name Required. name of the resource to be deleted format: name=organizations/*/locations/*/customers/* */ async organizationsLocationsCustomersDelete(name: string): Promise { const url = new URL(`${this.#baseUrl}v1/${ name }`); const data = await request(url.href, { client: this.#client, method: "DELETE", }); return data as Empty; } /** * Gets details of a single customer * * @param name Required. Format: `organizations/{organization}/locations/{location}/customers/{customer}` */ async organizationsLocationsCustomersGet(name: string): Promise { const url = new URL(`${this.#baseUrl}v1/${ name }`); const data = await request(url.href, { client: this.#client, method: "GET", }); return data as Customer; } /** * Lists customers of a partner identified by its Google Cloud organization * ID * * @param parent Required. Parent resource Format: `organizations/{organization}/locations/{location}` */ async organizationsLocationsCustomersList(parent: string, opts: OrganizationsLocationsCustomersListOptions = {}): Promise { const url = new URL(`${this.#baseUrl}v1/${ parent }/customers`); if (opts.filter !== undefined) { url.searchParams.append("filter", String(opts.filter)); } if (opts.orderBy !== undefined) { url.searchParams.append("orderBy", String(opts.orderBy)); } if (opts.pageSize !== undefined) { url.searchParams.append("pageSize", String(opts.pageSize)); } if (opts.pageToken !== undefined) { url.searchParams.append("pageToken", String(opts.pageToken)); } const data = await request(url.href, { client: this.#client, method: "GET", }); return data as ListCustomersResponse; } /** * Update details of a single customer * * @param name Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}` */ async organizationsLocationsCustomersPatch(name: string, req: Customer, opts: OrganizationsLocationsCustomersPatchOptions = {}): Promise { opts = serializeOrganizationsLocationsCustomersPatchOptions(opts); const url = new URL(`${this.#baseUrl}v1/${ name }`); if (opts.updateMask !== undefined) { url.searchParams.append("updateMask", String(opts.updateMask)); } const body = JSON.stringify(req); const data = await request(url.href, { client: this.#client, method: "PATCH", body, }); return data as Customer; } /** * Deprecated: Only returns access approval requests directly associated with * an assured workload folder. * * @param parent Required. Parent resource Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}` */ async organizationsLocationsCustomersWorkloadsAccessApprovalRequestsList(parent: string, opts: OrganizationsLocationsCustomersWorkloadsAccessApprovalRequestsListOptions = {}): Promise { const url = new URL(`${this.#baseUrl}v1/${ parent }/accessApprovalRequests`); if (opts.filter !== undefined) { url.searchParams.append("filter", String(opts.filter)); } if (opts.orderBy !== undefined) { url.searchParams.append("orderBy", String(opts.orderBy)); } if (opts.pageSize !== undefined) { url.searchParams.append("pageSize", String(opts.pageSize)); } if (opts.pageToken !== undefined) { url.searchParams.append("pageToken", String(opts.pageToken)); } const data = await request(url.href, { client: this.#client, method: "GET", }); return deserializeListAccessApprovalRequestsResponse(data); } /** * Gets details of a single workload * * @param name Required. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}` */ async organizationsLocationsCustomersWorkloadsGet(name: string): Promise { const url = new URL(`${this.#baseUrl}v1/${ name }`); const data = await request(url.href, { client: this.#client, method: "GET", }); return deserializeWorkload(data); } /** * Gets the EKM connections associated with a workload * * @param name Required. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/ekmConnections` */ async organizationsLocationsCustomersWorkloadsGetEkmConnections(name: string): Promise { const url = new URL(`${this.#baseUrl}v1/${ name }`); const data = await request(url.href, { client: this.#client, method: "GET", }); return data as EkmConnections; } /** * Gets the partner permissions granted for a workload * * @param name Required. Name of the resource to get in the format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/partnerPermissions` */ async organizationsLocationsCustomersWorkloadsGetPartnerPermissions(name: string): Promise { const url = new URL(`${this.#baseUrl}v1/${ name }`); const data = await request(url.href, { client: this.#client, method: "GET", }); return data as PartnerPermissions; } /** * Lists customer workloads for a given customer org id * * @param parent Required. Parent resource Format: `organizations/{organization}/locations/{location}/customers/{customer}` */ async organizationsLocationsCustomersWorkloadsList(parent: string, opts: OrganizationsLocationsCustomersWorkloadsListOptions = {}): Promise { const url = new URL(`${this.#baseUrl}v1/${ parent }/workloads`); if (opts.filter !== undefined) { url.searchParams.append("filter", String(opts.filter)); } if (opts.orderBy !== undefined) { url.searchParams.append("orderBy", String(opts.orderBy)); } if (opts.pageSize !== undefined) { url.searchParams.append("pageSize", String(opts.pageSize)); } if (opts.pageToken !== undefined) { url.searchParams.append("pageToken", String(opts.pageToken)); } const data = await request(url.href, { client: this.#client, method: "GET", }); return deserializeListWorkloadsResponse(data); } /** * Gets details of a single Violation. * * @param name Required. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/violations/{violation}` */ async organizationsLocationsCustomersWorkloadsViolationsGet(name: string): Promise { const url = new URL(`${this.#baseUrl}v1/${ name }`); const data = await request(url.href, { client: this.#client, method: "GET", }); return deserializeViolation(data); } /** * Lists Violations for a workload Callers may also choose to read across * multiple Customers or for a single customer as per * [AIP-159](https://google.aip.dev/159) by using '-' (the hyphen or dash * character) as a wildcard character instead of {customer} & {workload}. * Format: * `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}` * * @param parent Required. Parent resource Format `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}` */ async organizationsLocationsCustomersWorkloadsViolationsList(parent: string, opts: OrganizationsLocationsCustomersWorkloadsViolationsListOptions = {}): Promise { opts = serializeOrganizationsLocationsCustomersWorkloadsViolationsListOptions(opts); const url = new URL(`${this.#baseUrl}v1/${ parent }/violations`); if (opts.filter !== undefined) { url.searchParams.append("filter", String(opts.filter)); } if (opts["interval.endTime"] !== undefined) { url.searchParams.append("interval.endTime", String(opts["interval.endTime"])); } if (opts["interval.startTime"] !== undefined) { url.searchParams.append("interval.startTime", String(opts["interval.startTime"])); } if (opts.orderBy !== undefined) { url.searchParams.append("orderBy", String(opts.orderBy)); } if (opts.pageSize !== undefined) { url.searchParams.append("pageSize", String(opts.pageSize)); } if (opts.pageToken !== undefined) { url.searchParams.append("pageToken", String(opts.pageToken)); } const data = await request(url.href, { client: this.#client, method: "GET", }); return deserializeListViolationsResponse(data); } /** * Get details of a Partner. * * @param name Required. Format: `organizations/{organization}/locations/{location}/partner` */ async organizationsLocationsGetPartner(name: string): Promise { const url = new URL(`${this.#baseUrl}v1/${ name }`); const data = await request(url.href, { client: this.#client, method: "GET", }); return data as Partner; } } /** * Details about the Access request. */ export interface AccessApprovalRequest { /** * Identifier. Format: * `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/accessApprovalRequests/{access_approval_request}` */ name?: string; /** * The requested expiration for the approval. If the request is approved, * access will be granted from the time of approval until the expiration time. */ requestedExpirationTime?: Date; /** * The justification for which approval is being requested. */ requestedReason?: AccessReason; /** * The time at which approval was requested. */ requestTime?: Date; } function serializeAccessApprovalRequest(data: any): AccessApprovalRequest { return { ...data, requestedExpirationTime: data["requestedExpirationTime"] !== undefined ? data["requestedExpirationTime"].toISOString() : undefined, requestTime: data["requestTime"] !== undefined ? data["requestTime"].toISOString() : undefined, }; } function deserializeAccessApprovalRequest(data: any): AccessApprovalRequest { return { ...data, requestedExpirationTime: data["requestedExpirationTime"] !== undefined ? new Date(data["requestedExpirationTime"]) : undefined, requestTime: data["requestTime"] !== undefined ? new Date(data["requestTime"]) : undefined, }; } /** * Reason for the access. */ export interface AccessReason { /** * More detail about certain reason types. See comments for each type above. */ detail?: string; /** * Type of access justification. */ type?: | "TYPE_UNSPECIFIED" | "CUSTOMER_INITIATED_SUPPORT" | "GOOGLE_INITIATED_SERVICE" | "GOOGLE_INITIATED_REVIEW" | "THIRD_PARTY_DATA_REQUEST" | "GOOGLE_RESPONSE_TO_PRODUCTION_ALERT" | "CLOUD_INITIATED_ACCESS"; } /** * Information around the error that occurred if the connection state is * anything other than available or unspecified */ export interface ConnectionError { /** * The error domain for the error */ errorDomain?: string; /** * The error message for the error */ errorMessage?: string; } /** * Remediation instructions to resolve violation via cloud console */ export interface Console { /** * Additional urls for more information about steps */ additionalLinks?: string[]; /** * Link to console page where violations can be resolved */ consoleUris?: string[]; /** * Steps to resolve violation via cloud console */ steps?: string[]; } /** * Contains metadata around a Cloud Controls Partner Customer */ export interface Customer { /** * Output only. Container for customer onboarding steps */ readonly customerOnboardingState?: CustomerOnboardingState; /** * Required. Display name for the customer */ displayName?: string; /** * Output only. Indicates whether a customer is fully onboarded */ readonly isOnboarded?: boolean; /** * Identifier. Format: * `organizations/{organization}/locations/{location}/customers/{customer}` */ name?: string; /** * Output only. The customer organization domain, extracted from CRM * Organization’s display_name field. e.g. "google.com" */ readonly organizationDomain?: string; } /** * Container for customer onboarding steps */ export interface CustomerOnboardingState { /** * List of customer onboarding steps */ onboardingSteps?: CustomerOnboardingStep[]; } function serializeCustomerOnboardingState(data: any): CustomerOnboardingState { return { ...data, onboardingSteps: data["onboardingSteps"] !== undefined ? data["onboardingSteps"].map((item: any) => (serializeCustomerOnboardingStep(item))) : undefined, }; } function deserializeCustomerOnboardingState(data: any): CustomerOnboardingState { return { ...data, onboardingSteps: data["onboardingSteps"] !== undefined ? data["onboardingSteps"].map((item: any) => (deserializeCustomerOnboardingStep(item))) : undefined, }; } /** * Container for customer onboarding information */ export interface CustomerOnboardingStep { /** * Output only. Current state of the step */ readonly completionState?: | "COMPLETION_STATE_UNSPECIFIED" | "PENDING" | "SUCCEEDED" | "FAILED" | "NOT_APPLICABLE"; /** * The completion time of the onboarding step */ completionTime?: Date; /** * The starting time of the onboarding step */ startTime?: Date; /** * The onboarding step */ step?: | "STEP_UNSPECIFIED" | "KAJ_ENROLLMENT" | "CUSTOMER_ENVIRONMENT"; } function serializeCustomerOnboardingStep(data: any): CustomerOnboardingStep { return { ...data, completionTime: data["completionTime"] !== undefined ? data["completionTime"].toISOString() : undefined, startTime: data["startTime"] !== undefined ? data["startTime"].toISOString() : undefined, }; } function deserializeCustomerOnboardingStep(data: any): CustomerOnboardingStep { return { ...data, completionTime: data["completionTime"] !== undefined ? new Date(data["completionTime"]) : undefined, startTime: data["startTime"] !== undefined ? new Date(data["startTime"]) : undefined, }; } /** * Details about the EKM connection */ export interface EkmConnection { /** * The connection error that occurred if any */ connectionError?: ConnectionError; /** * Resource name of the EKM connection in the format: * projects/{project}/locations/{location}/ekmConnections/{ekm_connection} */ connectionName?: string; /** * Output only. The connection state */ readonly connectionState?: | "CONNECTION_STATE_UNSPECIFIED" | "AVAILABLE" | "NOT_AVAILABLE" | "ERROR" | "PERMISSION_DENIED"; } /** * The EKM connections associated with a workload */ export interface EkmConnections { /** * The EKM connections associated with the workload */ ekmConnections?: EkmConnection[]; /** * Identifier. Format: * `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/ekmConnections` */ name?: string; } /** * Holds information needed by Mudbray to use partner EKMs for workloads. */ export interface EkmMetadata { /** * Endpoint for sending requests to the EKM for key provisioning during * Assured Workload creation. */ ekmEndpointUri?: string; /** * The Cloud EKM partner. */ ekmSolution?: | "EKM_SOLUTION_UNSPECIFIED" | "FORTANIX" | "FUTUREX" | "THALES" | "VIRTRU"; } /** * A generic empty message that you can re-use to avoid defining duplicated * empty messages in your APIs. A typical example is to use it as the request or * the response type of an API method. For instance: service Foo { rpc * Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } */ export interface Empty { } /** * Remediation instructions to resolve violation via gcloud cli */ export interface Gcloud { /** * Additional urls for more information about steps */ additionalLinks?: string[]; /** * Gcloud command to resolve violation */ gcloudCommands?: string[]; /** * Steps to resolve violation via gcloud cli */ steps?: string[]; } /** * Instructions to remediate violation */ export interface Instructions { /** * Remediation instructions to resolve violation via cloud console */ consoleInstructions?: Console; /** * Remediation instructions to resolve violation via gcloud cli */ gcloudInstructions?: Gcloud; } /** * Response message for list access requests. */ export interface ListAccessApprovalRequestsResponse { /** * List of access approval requests */ accessApprovalRequests?: AccessApprovalRequest[]; /** * A token that can be sent as `page_token` to retrieve the next page. If * this field is omitted, there are no subsequent pages. */ nextPageToken?: string; /** * Locations that could not be reached. */ unreachable?: string[]; } function serializeListAccessApprovalRequestsResponse(data: any): ListAccessApprovalRequestsResponse { return { ...data, accessApprovalRequests: data["accessApprovalRequests"] !== undefined ? data["accessApprovalRequests"].map((item: any) => (serializeAccessApprovalRequest(item))) : undefined, }; } function deserializeListAccessApprovalRequestsResponse(data: any): ListAccessApprovalRequestsResponse { return { ...data, accessApprovalRequests: data["accessApprovalRequests"] !== undefined ? data["accessApprovalRequests"].map((item: any) => (deserializeAccessApprovalRequest(item))) : undefined, }; } /** * Response message for list customer Customers requests */ export interface ListCustomersResponse { /** * List of customers */ customers?: Customer[]; /** * A token that can be sent as `page_token` to retrieve the next page. If * this field is omitted, there are no subsequent pages. */ nextPageToken?: string; /** * Locations that could not be reached. */ unreachable?: string[]; } /** * Response message for list customer violation requests */ export interface ListViolationsResponse { /** * A token that can be sent as `page_token` to retrieve the next page. If * this field is omitted, there are no subsequent pages. */ nextPageToken?: string; /** * Workloads that could not be reached due to permission errors or any other * error. Ref: https://google.aip.dev/217 */ unreachable?: string[]; /** * List of violation */ violations?: Violation[]; } function serializeListViolationsResponse(data: any): ListViolationsResponse { return { ...data, violations: data["violations"] !== undefined ? data["violations"].map((item: any) => (serializeViolation(item))) : undefined, }; } function deserializeListViolationsResponse(data: any): ListViolationsResponse { return { ...data, violations: data["violations"] !== undefined ? data["violations"].map((item: any) => (deserializeViolation(item))) : undefined, }; } /** * Response message for list customer workloads requests. */ export interface ListWorkloadsResponse { /** * A token that can be sent as `page_token` to retrieve the next page. If * this field is omitted, there are no subsequent pages. */ nextPageToken?: string; /** * Locations that could not be reached. */ unreachable?: string[]; /** * List of customer workloads */ workloads?: Workload[]; } function serializeListWorkloadsResponse(data: any): ListWorkloadsResponse { return { ...data, workloads: data["workloads"] !== undefined ? data["workloads"].map((item: any) => (serializeWorkload(item))) : undefined, }; } function deserializeListWorkloadsResponse(data: any): ListWorkloadsResponse { return { ...data, workloads: data["workloads"] !== undefined ? data["workloads"].map((item: any) => (deserializeWorkload(item))) : undefined, }; } /** * Represents the metadata of the long-running operation. */ export interface OperationMetadata { /** * Output only. API version used to start the operation. */ readonly apiVersion?: string; /** * Output only. The time the operation was created. */ readonly createTime?: Date; /** * Output only. The time the operation finished running. */ readonly endTime?: Date; /** * Output only. Identifies whether the user has requested cancellation of the * operation. Operations that have been cancelled successfully have * Operation.error value with a google.rpc.Status.code of 1, corresponding to * `Code.CANCELLED`. */ readonly requestedCancellation?: boolean; /** * Output only. Human-readable status of the operation, if any. */ readonly statusMessage?: string; /** * Output only. Server-defined resource path for the target of the operation. */ readonly target?: string; /** * Output only. Name of the verb executed by the operation. */ readonly verb?: string; } /** * Additional options for * CloudControlsPartner#organizationsLocationsCustomersCreate. */ export interface OrganizationsLocationsCustomersCreateOptions { /** * Required. The customer id to use for the customer, which will become the * final component of the customer's resource name. The specified value must * be a valid Google cloud organization id. */ customerId?: string; } /** * Additional options for * CloudControlsPartner#organizationsLocationsCustomersList. */ export interface OrganizationsLocationsCustomersListOptions { /** * Optional. Filtering results */ filter?: string; /** * Optional. Hint for how to order the results */ orderBy?: string; /** * The maximum number of Customers to return. The service may return fewer * than this value. If unspecified, at most 500 Customers will be returned. */ pageSize?: number; /** * A page token, received from a previous `ListCustomers` call. Provide this * to retrieve the subsequent page. */ pageToken?: string; } /** * Additional options for * CloudControlsPartner#organizationsLocationsCustomersPatch. */ export interface OrganizationsLocationsCustomersPatchOptions { /** * Optional. The list of fields to update */ updateMask?: string /* FieldMask */; } function serializeOrganizationsLocationsCustomersPatchOptions(data: any): OrganizationsLocationsCustomersPatchOptions { return { ...data, updateMask: data["updateMask"] !== undefined ? data["updateMask"] : undefined, }; } function deserializeOrganizationsLocationsCustomersPatchOptions(data: any): OrganizationsLocationsCustomersPatchOptions { return { ...data, updateMask: data["updateMask"] !== undefined ? data["updateMask"] : undefined, }; } /** * Additional options for * CloudControlsPartner#organizationsLocationsCustomersWorkloadsAccessApprovalRequestsList. */ export interface OrganizationsLocationsCustomersWorkloadsAccessApprovalRequestsListOptions { /** * Optional. Filtering results. */ filter?: string; /** * Optional. Hint for how to order the results. */ orderBy?: string; /** * Optional. The maximum number of access requests to return. The service may * return fewer than this value. If unspecified, at most 500 access requests * will be returned. */ pageSize?: number; /** * Optional. A page token, received from a previous * `ListAccessApprovalRequests` call. Provide this to retrieve the subsequent * page. */ pageToken?: string; } /** * Additional options for * CloudControlsPartner#organizationsLocationsCustomersWorkloadsList. */ export interface OrganizationsLocationsCustomersWorkloadsListOptions { /** * Optional. Filtering results. */ filter?: string; /** * Optional. Hint for how to order the results. */ orderBy?: string; /** * The maximum number of workloads to return. The service may return fewer * than this value. If unspecified, at most 500 workloads will be returned. */ pageSize?: number; /** * A page token, received from a previous `ListWorkloads` call. Provide this * to retrieve the subsequent page. */ pageToken?: string; } /** * Additional options for * CloudControlsPartner#organizationsLocationsCustomersWorkloadsViolationsList. */ export interface OrganizationsLocationsCustomersWorkloadsViolationsListOptions { /** * Optional. Filtering results */ filter?: string; /** * Optional. Exclusive end of the interval. If specified, a Timestamp * matching this interval will have to be before the end. */ ["interval.endTime"]?: Date; /** * Optional. Inclusive start of the interval. If specified, a Timestamp * matching this interval will have to be the same or after the start. */ ["interval.startTime"]?: Date; /** * Optional. Hint for how to order the results */ orderBy?: string; /** * Optional. The maximum number of customers row to return. The service may * return fewer than this value. If unspecified, at most 10 customers will be * returned. */ pageSize?: number; /** * Optional. A page token, received from a previous `ListViolations` call. * Provide this to retrieve the subsequent page. */ pageToken?: string; } function serializeOrganizationsLocationsCustomersWorkloadsViolationsListOptions(data: any): OrganizationsLocationsCustomersWorkloadsViolationsListOptions { return { ...data, ["interval.endTime"]: data["interval.endTime"] !== undefined ? data["interval.endTime"].toISOString() : undefined, ["interval.startTime"]: data["interval.startTime"] !== undefined ? data["interval.startTime"].toISOString() : undefined, }; } function deserializeOrganizationsLocationsCustomersWorkloadsViolationsListOptions(data: any): OrganizationsLocationsCustomersWorkloadsViolationsListOptions { return { ...data, ["interval.endTime"]: data["interval.endTime"] !== undefined ? new Date(data["interval.endTime"]) : undefined, ["interval.startTime"]: data["interval.startTime"] !== undefined ? new Date(data["interval.startTime"]) : undefined, }; } /** * Message describing Partner resource */ export interface Partner { /** * Output only. Time the resource was created */ readonly createTime?: Date; /** * List of Google Cloud supported EKM partners supported by the partner */ ekmSolutions?: EkmMetadata[]; /** * Identifier. The resource name of the partner. Format: * `organizations/{organization}/locations/{location}/partner` Example: * "organizations/123456/locations/us-central1/partner" */ name?: string; /** * List of Google Cloud regions that the partner sells services to customers. * Valid Google Cloud regions found here: * https://cloud.google.com/compute/docs/regions-zones */ operatedCloudRegions?: string[]; /** * Google Cloud project ID in the partner's Google Cloud organization for * receiving enhanced Logs for Partners. */ partnerProjectId?: string; /** * List of SKUs the partner is offering */ skus?: Sku[]; /** * Output only. The last time the resource was updated */ readonly updateTime?: Date; } /** * The permissions granted to the partner for a workload */ export interface PartnerPermissions { /** * Identifier. Format: * `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/partnerPermissions` */ name?: string; /** * The partner permissions granted for the workload */ partnerPermissions?: | "PERMISSION_UNSPECIFIED" | "ACCESS_TRANSPARENCY_AND_EMERGENCY_ACCESS_LOGS" | "ASSURED_WORKLOADS_MONITORING" | "ACCESS_APPROVAL_REQUESTS" | "ASSURED_WORKLOADS_EKM_CONNECTION_STATUS" | "ACCESS_TRANSPARENCY_LOGS_SUPPORT_CASE_VIEWER"[]; } /** * Represents remediation guidance to resolve compliance violation for * AssuredWorkload */ export interface Remediation { /** * Values that can resolve the violation For example: for list org policy * violations, this will either be the list of allowed or denied values */ compliantValues?: string[]; /** * Required. Remediation instructions to resolve violations */ instructions?: Instructions; /** * Output only. Remediation type based on the type of org policy values * violated */ readonly remediationType?: | "REMEDIATION_TYPE_UNSPECIFIED" | "REMEDIATION_BOOLEAN_ORG_POLICY_VIOLATION" | "REMEDIATION_LIST_ALLOWED_VALUES_ORG_POLICY_VIOLATION" | "REMEDIATION_LIST_DENIED_VALUES_ORG_POLICY_VIOLATION" | "REMEDIATION_RESTRICT_CMEK_CRYPTO_KEY_PROJECTS_ORG_POLICY_VIOLATION" | "REMEDIATION_RESOURCE_VIOLATION"; } /** * Represents the SKU a partner owns inside Google Cloud to sell to customers. */ export interface Sku { /** * Display name of the product identified by the SKU. A partner may want to * show partner branded names for their offerings such as local sovereign * cloud solutions. */ displayName?: string; /** * Argentum product SKU, that is associated with the partner offerings to * customers used by Syntro for billing purposes. SKUs can represent resold * Google products or support services. */ id?: string; } /** * Details of resource Violation */ export interface Violation { /** * Output only. Time of the event which triggered the Violation. */ readonly beginTime?: Date; /** * Output only. Category under which this violation is mapped. e.g. Location, * Service Usage, Access, Encryption, etc. */ readonly category?: string; /** * Output only. Description for the Violation. e.g. OrgPolicy * gcp.resourceLocations has non compliant value. */ readonly description?: string; /** * The folder_id of the violation */ folderId?: bigint; /** * Identifier. Format: * `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/violations/{violation}` */ name?: string; /** * Output only. Immutable. Name of the OrgPolicy which was modified with * non-compliant change and resulted this violation. Format: * `projects/{project_number}/policies/{constraint_name}` * `folders/{folder_id}/policies/{constraint_name}` * `organizations/{organization_id}/policies/{constraint_name}` */ readonly nonCompliantOrgPolicy?: string; /** * Output only. Compliance violation remediation */ readonly remediation?: Remediation; /** * Output only. Time of the event which fixed the Violation. If the violation * is ACTIVE this will be empty. */ readonly resolveTime?: Date; /** * Output only. State of the violation */ readonly state?: | "STATE_UNSPECIFIED" | "RESOLVED" | "UNRESOLVED" | "EXCEPTION"; /** * Output only. The last time when the Violation record was updated. */ readonly updateTime?: Date; } function serializeViolation(data: any): Violation { return { ...data, folderId: data["folderId"] !== undefined ? String(data["folderId"]) : undefined, }; } function deserializeViolation(data: any): Violation { return { ...data, beginTime: data["beginTime"] !== undefined ? new Date(data["beginTime"]) : undefined, folderId: data["folderId"] !== undefined ? BigInt(data["folderId"]) : undefined, resolveTime: data["resolveTime"] !== undefined ? new Date(data["resolveTime"]) : undefined, updateTime: data["updateTime"] !== undefined ? new Date(data["updateTime"]) : undefined, }; } /** * Contains metadata around the [Workload * resource](https://cloud.google.com/assured-workloads/docs/reference/rest/Shared.Types/Workload) * in the Assured Workloads API. */ export interface Workload { /** * Output only. Time the resource was created. */ readonly createTime?: Date; /** * Output only. The name of container folder of the assured workload */ readonly folder?: string; /** * Output only. Folder id this workload is associated with */ readonly folderId?: bigint; /** * Indicates whether a workload is fully onboarded. */ isOnboarded?: boolean; /** * The project id of the key management project for the workload */ keyManagementProjectId?: string; /** * The Google Cloud location of the workload */ location?: string; /** * Identifier. Format: * `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}` */ name?: string; /** * Partner associated with this workload. */ partner?: | "PARTNER_UNSPECIFIED" | "PARTNER_LOCAL_CONTROLS_BY_S3NS" | "PARTNER_SOVEREIGN_CONTROLS_BY_T_SYSTEMS" | "PARTNER_SOVEREIGN_CONTROLS_BY_SIA_MINSAIT" | "PARTNER_SOVEREIGN_CONTROLS_BY_PSN" | "PARTNER_SOVEREIGN_CONTROLS_BY_CNTXT" | "PARTNER_SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM"; /** * Container for workload onboarding steps. */ workloadOnboardingState?: WorkloadOnboardingState; } function serializeWorkload(data: any): Workload { return { ...data, workloadOnboardingState: data["workloadOnboardingState"] !== undefined ? serializeWorkloadOnboardingState(data["workloadOnboardingState"]) : undefined, }; } function deserializeWorkload(data: any): Workload { return { ...data, createTime: data["createTime"] !== undefined ? new Date(data["createTime"]) : undefined, folderId: data["folderId"] !== undefined ? BigInt(data["folderId"]) : undefined, workloadOnboardingState: data["workloadOnboardingState"] !== undefined ? deserializeWorkloadOnboardingState(data["workloadOnboardingState"]) : undefined, }; } /** * Container for workload onboarding steps. */ export interface WorkloadOnboardingState { /** * List of workload onboarding steps. */ onboardingSteps?: WorkloadOnboardingStep[]; } function serializeWorkloadOnboardingState(data: any): WorkloadOnboardingState { return { ...data, onboardingSteps: data["onboardingSteps"] !== undefined ? data["onboardingSteps"].map((item: any) => (serializeWorkloadOnboardingStep(item))) : undefined, }; } function deserializeWorkloadOnboardingState(data: any): WorkloadOnboardingState { return { ...data, onboardingSteps: data["onboardingSteps"] !== undefined ? data["onboardingSteps"].map((item: any) => (deserializeWorkloadOnboardingStep(item))) : undefined, }; } /** * Container for workload onboarding information. */ export interface WorkloadOnboardingStep { /** * Output only. The completion state of the onboarding step. */ readonly completionState?: | "COMPLETION_STATE_UNSPECIFIED" | "PENDING" | "SUCCEEDED" | "FAILED" | "NOT_APPLICABLE"; /** * The completion time of the onboarding step. */ completionTime?: Date; /** * The starting time of the onboarding step. */ startTime?: Date; /** * The onboarding step. */ step?: | "STEP_UNSPECIFIED" | "EKM_PROVISIONED" | "SIGNED_ACCESS_APPROVAL_CONFIGURED"; } function serializeWorkloadOnboardingStep(data: any): WorkloadOnboardingStep { return { ...data, completionTime: data["completionTime"] !== undefined ? data["completionTime"].toISOString() : undefined, startTime: data["startTime"] !== undefined ? data["startTime"].toISOString() : undefined, }; } function deserializeWorkloadOnboardingStep(data: any): WorkloadOnboardingStep { return { ...data, completionTime: data["completionTime"] !== undefined ? new Date(data["completionTime"]) : undefined, startTime: data["startTime"] !== undefined ? new Date(data["startTime"]) : undefined, }; }