Package types (0.13.0)

Request used by the AddAddressGroupItems method.

AddressGroup is a resource that specifies how a collection of IP/DNS used in Firewall Policy.

Defines what action to take for antivirus threats per protocol.

AuthorizationPolicy is a resource that specifies how a server should authorize incoming connections. This resource in itself does not change the configuration unless it's attached to a target https proxy or endpoint config selector resource.

AuthzPolicy is a resource that allows to forward traffic to a callout backend designed to scan the traffic for security purposes.

BackendAuthenticationConfig message groups the TrustConfig together with other settings that control how the load balancer authenticates, and expresses its identity to, the backend:

• trustConfig is the attached TrustConfig.

• wellKnownRoots indicates whether the load balance should trust backend server certificates that are issued by public certificate authorities, in addition to certificates trusted by the TrustConfig.

• clientCertificate is a client certificate that the load balancer uses to express its identity to the backend, if the connection to the backend uses mTLS.

You can attach the BackendAuthenticationConfig to the load balancer's BackendService directly determining how that BackendService negotiates TLS.

Specification of certificate provider. Defines the mechanism to obtain the certificate and private key for peer to peer authentication.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Specification of a TLS certificate provider instance. Workloads may have one or more CertificateProvider instances (plugins) and one of them is enabled and configured by specifying this message. Workloads use the values from this message to locate and load the CertificateProvider instance configuration.

ClientTlsPolicy is a resource that specifies how a client should authenticate connections to backends of a service. This resource itself does not affect configuration unless it is attached to a backend service resource.

Request used by the CloneAddressGroupItems method.

Request used by the CreateAddressGroup method.

Request used by the CreateAuthorizationPolicy method.

Message for creating an AuthzPolicy resource.

Request used by the CreateBackendAuthenticationConfig method.

Request used by the CreateClientTlsPolicy method.

The message to create a DnsThreatDetector.

Message for creating a Association

Message for creating a Endpoint

Request used by the CreateGatewaySecurityPolicy method.

Methods for GatewaySecurityPolicy RULES/GatewaySecurityPolicyRules. Request used by the CreateGatewaySecurityPolicyRule method.

Request message for CreateInterceptDeploymentGroup.

Request message for CreateInterceptDeployment.

Request message for CreateInterceptEndpointGroupAssociation.

Request message for CreateInterceptEndpointGroup.

Request message for CreateMirroringDeploymentGroup.

Request message for CreateMirroringDeployment.

Request message for CreateMirroringEndpointGroupAssociation.

Request message for CreateMirroringEndpointGroup.

Request used by the CreateSecurityProfileGroup method.

Request used by the CreateSecurityProfile method.

Request used by the CreateServerTlsPolicy method.

Request used by the CreateTlsInspectionPolicy method.

Request used by the CreateUrlList method.

CustomInterceptProfile defines in-band integration behavior (intercept). It is used by firewall rules with an APPLY_SECURITY_PROFILE_GROUP action.

CustomMirroringProfile defines out-of-band integration behavior (mirroring). It is used by mirroring rules with a MIRROR action.

Request used by the DeleteAddressGroup method.

Request used by the DeleteAuthorizationPolicy method.

Message for deleting an AuthzPolicy resource.

Request used by the DeleteBackendAuthenticationConfig method.

Request used by the DeleteClientTlsPolicy method.

The message for deleting a DnsThreatDetector.

Message for deleting a Association

Message for deleting a Endpoint

Request used by the DeleteGatewaySecurityPolicy method.

Request used by the DeleteGatewaySecurityPolicyRule method.

Request message for DeleteInterceptDeploymentGroup.

Request message for DeleteInterceptDeployment.

Request message for DeleteInterceptEndpointGroupAssociation.

Request message for DeleteInterceptEndpointGroup.

Request message for DeleteMirroringDeploymentGroup.

Request message for DeleteMirroringDeployment.

Request message for DeleteMirroringEndpointGroupAssociation.

Request message for DeleteMirroringEndpointGroup.

Request used by the DeleteSecurityProfileGroup method.

Request used by the DeleteSecurityProfile method.

Request used by the DeleteServerTlsPolicy method.

Request used by the DeleteTlsInspectionPolicy method.

Request used by the DeleteUrlList method.

A DNS threat detector sends DNS query logs to a provider that then analyzes the logs to identify threat events in the DNS queries. By default, all VPC networks in your projects are included. You can exclude specific networks by supplying excluded_networks.

Message describing Endpoint object.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Message describing Association object

The GatewaySecurityPolicy resource contains a collection of GatewaySecurityPolicyRules and associated metadata.

The GatewaySecurityPolicyRule resource is in a nested collection within a GatewaySecurityPolicy and represents a traffic matching condition and associated action to perform.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Request used by the GetAddressGroup method.

Request used by the GetAuthorizationPolicy method.

Message for getting a AuthzPolicy resource.

Request used by the GetBackendAuthenticationConfig method.

Request used by the GetClientTlsPolicy method.

The message sent to get a DnsThreatDetector.

Message for getting a Association

Message for getting a Endpoint

Request used by the GetGatewaySecurityPolicy method.

Request used by the GetGatewaySecurityPolicyRule method.

Request message for GetInterceptDeploymentGroup.

Request message for GetInterceptDeployment.

Request message for GetInterceptEndpointGroupAssociation.

Request message for GetInterceptEndpointGroup.

Request message for GetMirroringDeploymentGroup.

Request message for GetMirroringDeployment.

Request message for GetMirroringEndpointGroupAssociation.

Request message for GetMirroringEndpointGroup.

Request used by the GetSecurityProfileGroup method.

Request used by the GetSecurityProfile method.

Request used by the GetServerTlsPolicy method.

Request used by the GetTlsInspectionPolicy method.

Request used by the GetUrlList method.

Specification of the GRPC Endpoint.

A deployment represents a zonal intercept backend ready to accept GENEVE-encapsulated traffic, e.g. a zonal instance group fronted by an internal passthrough load balancer. Deployments are always part of a global deployment group which represents a global intercept service.

A deployment group aggregates many zonal intercept backends (deployments) into a single global intercept service. Consumers can connect this service using an endpoint group.

An endpoint group is a consumer frontend for a deployment group (backend). In order to configure intercept for a network, consumers must create:

• An association between their network and the endpoint group.
• A security profile that points to the endpoint group.
• A firewall rule that references the security profile (group).

An endpoint group association represents a link between a network and an endpoint group in the organization.

Creating an association creates the networking infrastructure linking the network to the endpoint group, but does not enable intercept by itself. To enable intercept, the user must also create a network firewall policy containing intercept rules and associate it with the network.

Details about intercept in a specific cloud location.

Request used by the ListAddressGroupReferences method.

Response of the ListAddressGroupReferences method.

Request used with the ListAddressGroups method.

Response returned by the ListAddressGroups method.

Request used with the ListAuthorizationPolicies method.

Response returned by the ListAuthorizationPolicies method.

Message for requesting list of AuthzPolicy resources.

Message for response to listing AuthzPolicy resources.

Request used by the ListBackendAuthenticationConfigs method.

Response returned by the ListBackendAuthenticationConfigs method.

Request used by the ListClientTlsPolicies method.

Response returned by the ListClientTlsPolicies method.

The message for requesting a list of DnsThreatDetectors in the project.

The response message to requesting a list of DnsThreatDetectors.

Message for requesting list of Associations

Message for response to listing Associations

Message for requesting list of Endpoints

Message for response to listing Endpoints

Request used with the ListGatewaySecurityPolicies method.

Response returned by the ListGatewaySecurityPolicies method.

Request used with the ListGatewaySecurityPolicyRules method.

Response returned by the ListGatewaySecurityPolicyRules method.

Request message for ListInterceptDeploymentGroups.

Response message for ListInterceptDeploymentGroups.

Request message for ListInterceptDeployments.

Response message for ListInterceptDeployments.

Request message for ListInterceptEndpointGroupAssociations.

Response message for ListInterceptEndpointGroupAssociations.

Request message for ListInterceptEndpointGroups.

Response message for ListInterceptEndpointGroups.

Request message for ListMirroringDeploymentGroups.

Response message for ListMirroringDeploymentGroups.

Request message for ListMirroringDeployments.

Response message for ListMirroringDeployments.

Request message for ListMirroringEndpointGroupAssociations.

Response message for ListMirroringEndpointGroupAssociations.

Request message for ListMirroringEndpointGroups.

Response message for ListMirroringEndpointGroups.

Request used with the ListSecurityProfileGroups method.

Response returned by the ListSecurityProfileGroups method.

Request used with the ListSecurityProfiles method.

Response returned by the ListSecurityProfiles method.

Request used by the ListServerTlsPolicies method.

Response returned by the ListServerTlsPolicies method.

Request used with the ListTlsInspectionPolicies method.

Response returned by the ListTlsInspectionPolicies method.

Request used by the ListUrlList method.

Response returned by the ListUrlLists method.

A deployment represents a zonal mirroring backend ready to accept GENEVE-encapsulated replica traffic, e.g. a zonal instance group fronted by an internal passthrough load balancer. Deployments are always part of a global deployment group which represents a global mirroring service.

A deployment group aggregates many zonal mirroring backends (deployments) into a single global mirroring service. Consumers can connect this service using an endpoint group.

An endpoint group is a consumer frontend for a deployment group (backend). In order to configure mirroring for a network, consumers must create:

• An association between their network and the endpoint group.
• A security profile that points to the endpoint group.
• A mirroring rule that references the security profile (group).

An endpoint group association represents a link between a network and an endpoint group in the organization.

Creating an association creates the networking infrastructure linking the network to the endpoint group, but does not enable mirroring by itself. To enable mirroring, the user must also create a network firewall policy containing mirroring rules and associate it with the network.

Details about mirroring in a specific cloud location.

Represents the metadata of the long-running operation.

Antivirus protocol.

Request used by the RemoveAddressGroupItems method.

SecurityProfile is a resource that defines the behavior for one of many ProfileTypes.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

SecurityProfileGroup is a resource that defines the behavior for various ProfileTypes.

ServerTlsPolicy is a resource that specifies how a server should authenticate incoming requests. This resource itself does not affect configuration unless it is attached to a target HTTPS proxy or endpoint config selector resource.

ServerTlsPolicy in the form accepted by Application Load Balancers can be attached only to TargetHttpsProxy with an EXTERNAL, EXTERNAL_MANAGED or INTERNAL_MANAGED load balancing scheme. Traffic Director compatible ServerTlsPolicies can be attached to EndpointPolicy and TargetHttpsProxy with Traffic Director INTERNAL_SELF_MANAGED load balancing scheme.

Severity level.

Defines what action to take for a specific severity match.

Threat action override.

Defines what action to take for a specific threat_id match.

ThreatPreventionProfile defines an action for specific threat signatures or severity levels.

Type of threat.

The TlsInspectionPolicy resource contains references to CA pools in Certificate Authority Service and associated metadata.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Request used by the UpdateAddressGroup method.

Request used by the UpdateAuthorizationPolicy method.

Message for updating an AuthzPolicy resource.

Request used by UpdateBackendAuthenticationConfig method.

Request used by UpdateClientTlsPolicy method.

The message for updating a DnsThreatDetector.

Message for updating an Association

Message for updating a Endpoint

Request used by the UpdateGatewaySecurityPolicy method.

Request used by the UpdateGatewaySecurityPolicyRule method.

Request message for UpdateInterceptDeploymentGroup.

Request message for UpdateInterceptDeployment.

Request message for UpdateInterceptEndpointGroupAssociation.

Request message for UpdateInterceptEndpointGroup.

Request message for UpdateMirroringDeploymentGroup.

Request message for UpdateMirroringDeployment.

Request message for UpdateMirroringEndpointGroupAssociation.

Request message for UpdateMirroringEndpointGroup.

Request used by the UpdateSecurityProfileGroup method.

Request used by the UpdateSecurityProfile method.

Request used by UpdateServerTlsPolicy method.

Request used by the UpdateTlsInspectionPolicy method.

Request used by UpdateUrlList method.

A URL filter defines an action to take for some URL match.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

UrlFilteringProfile defines filters based on URL.

UrlList proto helps users to set reusable, independently manageable lists of hosts, host patterns, URLs, URL patterns.

Specification of ValidationCA. Defines the mechanism to obtain the Certificate Authority certificate to validate the peer certificate.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields