Package-level declarations
Types
A specification of the type and number of accelerator cards attached to the instance.
An access configuration attached to an instance's network interface. Only one access config per instance is supported.
Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled).
An alias IP range attached to an instance's network interface.
Output Only Contains output only fields.
Contains Properties set for the reservation.
Properties of the SKU instances being reserved. Next ID: 9
This reservation type allows to pre allocate specific instance configuration. Next ID: 6
Input Only Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This field is persisted and returned for instanceTemplate and not returned in the context of instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
An instance-attached disk resource.
Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices
and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": "user:jose@example.com" }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": "user:aliya@example.com" } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": "user:jose@example.com" }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
This is deprecated and has no effect. Do not use.
CPU utilization policy.
Configuration parameters of autoscaling based on load balancing.
Cloud Autoscaler policy.
Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.
Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
Message containing what to include in the cache key for a request for Cloud CDN.
Specify CDN TTLs for response error codes.
Message containing Cloud CDN configuration for a backend bucket.
Message containing information of one individual backend.
Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.
Specify CDN TTLs for response error codes.
Message containing Cloud CDN configuration for a backend service.
Connection Tracking configuration for this BackendService.
For load balancers that have configurable failover: Internal TCP/UDP Load Balancing and external TCP/UDP Load Balancing. On failover or failback, this field indicates whether connection draining will be honored. Google Cloud has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes).
Identity-Aware Proxy
The configuration for a custom policy implemented by the user and deployed with the client.
The configuration for a built-in load balancing policy.
Container for either a built-in LB policy supported by gRPC or Envoy or a custom one implemented by the end user.
Associates members
, or principals, with a role
.
Message containing what to include in the cache key for a request for Cloud CDN.
A set of Confidential Instance options.
Message containing connection draining configuration.
The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash.
This message defines settings for a consistent hash style load balancer.
The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard.
A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.
Additional disk params.
A set of Display Device options
A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". Range is approximately 10,000 years.
Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
The interface for the external VPN gateway.
The available logging options for a firewall rule.
Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.
Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).
Encapsulates numeric value that can be either absolute or relative.
Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.
Guest OS features.
Configuration of logging on a health check. If logging is enabled, logs will be exported to Stackdriver.
UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.
Specification for how requests are aborted as part of fault injection.
Specifies the delay introduced by the load balancer before forwarding the request to the backend service as part of fault injection.
The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by the load balancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.
The request and response header transformations that take effect before the request is passed along to the selected backendService.
matchRule criteria for request header matches.
Specification determining how headers are added to requests or responses.
HttpRouteRuleMatch criteria for a request's query parameter.
The retry policy associates with HttpRouteRule
HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.
The HttpRouteRule setting specifies how to match an HTTP request and the corresponding routing action that load balancing proxies perform.
The parameters of the raw disk image.
Initial State for shielded instance, these are public keys which are safe to store in public
Additional instance params.
HttpRouteRuleMatch criteria for field values that must stay within the specified integer range.
Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments.
Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.
Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.
Commitment for a particular license resource.
This is deprecated and has no effect. Do not use.
This is deprecated and has no effect. Do not use.
This is deprecated and has no effect. Do not use.
This is deprecated and has no effect. Do not use.
This is deprecated and has no effect. Do not use.
MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the load balancer.
Opaque filter criteria used by load balancers to restrict routing configuration to a limited set of load balancing proxies. Proxies and sidecars involved in load balancing would typically present metadata to the load balancers that need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if load balancing involves Envoys, they receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.
Metadata
A metadata key/value entry.
The named port. For example: <"http", 80>.
Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.
Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.
Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.
All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.
A network interface resource attached to an instance.
A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.
A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.
Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.
Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint.
Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service.
A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service is used.
A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.
A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer doesn't wait for responses from the shadow service. Before sending traffic to the shadow service, the host or authority header is suffixed with -shadow.
Specifies the reservations that this instance can consume from.
Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.
Commitment for a particular resource (a Commitment is composed of one or more of these).
Time window specified for daily operations.
A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality
Time window specified for hourly operations.
An InstanceSchedulePolicy specifies when and how frequent certain operations are performed on the instance.
Schedule for an instance operation.
Contains output only fields. Use this sub-message for all output fields set on ResourcePolicy. The internal structure of this "status" field should mimic the structure of ResourcePolicy proto specification.
A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained.
Policy for retention of scheduled snapshots.
A schedule for disks where the schedueled operations are performed.
Time window specified for weekly operations.
Contains output only fields. Use this sub-message for actual values set on Instance attributes as compared to the value requested by the user (intent) in their instance CRUD calls.
Description-tagged IP ranges for the router to advertise.
Configuration of logging on a NAT.
Represents a Nat resource. It enables the VMs within the specified subnetworks to access Internet without external IP addresses. It specifies a list of subnetworks (and the ranges within) that want to use NAT. Customers can also provide the external IPs that would be used for NAT. GCP would auto-allocate ephemeral IPs if no external IPs are provided.
This is deprecated and has no effect. Do not use.
DEPRECATED: Please use compute#savedDisk instead. An instance-attached disk resource.
Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.
Sets the scheduling options for an Instance.
Configuration options for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR.
Configuration options for Cloud Armor Adaptive Protection (CAAP).
Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.
Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).
The authentication and authorization settings for a BackendService.
A service account.
Output Only A connection connected to this service attachment.
The share setting for reservations and sole tenancy node groups.
A set of Shielded Instance options.
The policy describes the baseline against which Instance boot integrity is measured.
A specification of the parameters to use when creating the instance template from a source instance.
DEPRECATED: Please use compute#instanceProperties instead. New properties will not be added to this field.
Configuration and status of a self-managed SSL certificate.
Configuration of preserved resources.
Represents a secondary IP range of a subnetwork.
Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
A set of instance tags.
HTTP headers used in UrlMapTests.
Message for the expected URL mappings.
The spec for modifying the path before sending the request to the matched backend service.
A VPN gateway interface.
In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple backend services. The volume of traffic for each backend service is proportional to the weight specified in each WeightedBackendService