1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
|
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.api;
import "google/protobuf/descriptor.proto";
option cc_enable_arenas = true;
option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations";
option java_multiple_files = true;
option java_outer_classname = "ResourceProto";
option java_package = "com.google.api";
option objc_class_prefix = "GAPI";
extend google.protobuf.FieldOptions {
// An annotation that describes a resource reference, see
// [ResourceReference][].
google.api.ResourceReference resource_reference = 1055;
}
extend google.protobuf.FileOptions {
// An annotation that describes a resource definition without a corresponding
// message; see [ResourceDescriptor][].
repeated google.api.ResourceDescriptor resource_definition = 1053;
}
extend google.protobuf.MessageOptions {
// An annotation that describes a resource definition, see
// [ResourceDescriptor][].
google.api.ResourceDescriptor resource = 1053;
}
// A simple descriptor of a resource type.
//
// ResourceDescriptor annotates a resource message (either by means of a
// protobuf annotation or use in the service config), and associates the
// resource's schema, the resource type, and the pattern of the resource name.
//
// Example:
//
// message Topic {
// // Indicates this message defines a resource schema.
// // Declares the resource type in the format of {service}/{kind}.
// // For Kubernetes resources, the format is {api group}/{kind}.
// option (google.api.resource) = {
// type: "pubsub.googleapis.com/Topic"
// name_descriptor: {
// pattern: "projects/{project}/topics/{topic}"
// parent_type: "cloudresourcemanager.googleapis.com/Project"
// parent_name_extractor: "projects/{project}"
// }
// };
// }
//
// The ResourceDescriptor Yaml config will look like:
//
// resources:
// - type: "pubsub.googleapis.com/Topic"
// name_descriptor:
// - pattern: "projects/{project}/topics/{topic}"
// parent_type: "cloudresourcemanager.googleapis.com/Project"
// parent_name_extractor: "projects/{project}"
//
// Sometimes, resources have multiple patterns, typically because they can
// live under multiple parents.
//
// Example:
//
// message LogEntry {
// option (google.api.resource) = {
// type: "logging.googleapis.com/LogEntry"
// name_descriptor: {
// pattern: "projects/{project}/logs/{log}"
// parent_type: "cloudresourcemanager.googleapis.com/Project"
// parent_name_extractor: "projects/{project}"
// }
// name_descriptor: {
// pattern: "folders/{folder}/logs/{log}"
// parent_type: "cloudresourcemanager.googleapis.com/Folder"
// parent_name_extractor: "folders/{folder}"
// }
// name_descriptor: {
// pattern: "organizations/{organization}/logs/{log}"
// parent_type: "cloudresourcemanager.googleapis.com/Organization"
// parent_name_extractor: "organizations/{organization}"
// }
// name_descriptor: {
// pattern: "billingAccounts/{billing_account}/logs/{log}"
// parent_type: "billing.googleapis.com/BillingAccount"
// parent_name_extractor: "billingAccounts/{billing_account}"
// }
// };
// }
//
// The ResourceDescriptor Yaml config will look like:
//
// resources:
// - type: 'logging.googleapis.com/LogEntry'
// name_descriptor:
// - pattern: "projects/{project}/logs/{log}"
// parent_type: "cloudresourcemanager.googleapis.com/Project"
// parent_name_extractor: "projects/{project}"
// - pattern: "folders/{folder}/logs/{log}"
// parent_type: "cloudresourcemanager.googleapis.com/Folder"
// parent_name_extractor: "folders/{folder}"
// - pattern: "organizations/{organization}/logs/{log}"
// parent_type: "cloudresourcemanager.googleapis.com/Organization"
// parent_name_extractor: "organizations/{organization}"
// - pattern: "billingAccounts/{billing_account}/logs/{log}"
// parent_type: "billing.googleapis.com/BillingAccount"
// parent_name_extractor: "billingAccounts/{billing_account}"
//
// For flexible resources, the resource name doesn't contain parent names, but
// the resource itself has parents for policy evaluation.
//
// Example:
//
// message Shelf {
// option (google.api.resource) = {
// type: "library.googleapis.com/Shelf"
// name_descriptor: {
// pattern: "shelves/{shelf}"
// parent_type: "cloudresourcemanager.googleapis.com/Project"
// }
// name_descriptor: {
// pattern: "shelves/{shelf}"
// parent_type: "cloudresourcemanager.googleapis.com/Folder"
// }
// };
// }
//
// The ResourceDescriptor Yaml config will look like:
//
// resources:
// - type: 'library.googleapis.com/Shelf'
// name_descriptor:
// - pattern: "shelves/{shelf}"
// parent_type: "cloudresourcemanager.googleapis.com/Project"
// - pattern: "shelves/{shelf}"
// parent_type: "cloudresourcemanager.googleapis.com/Folder"
message ResourceDescriptor {
// A description of the historical or future-looking state of the
// resource pattern.
enum History {
// The "unset" value.
HISTORY_UNSPECIFIED = 0;
// The resource originally had one pattern and launched as such, and
// additional patterns were added later.
ORIGINALLY_SINGLE_PATTERN = 1;
// The resource has one pattern, but the API owner expects to add more
// later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
// that from being necessary once there are multiple patterns.)
FUTURE_MULTI_PATTERN = 2;
}
// A flag representing a specific style that a resource claims to conform to.
enum Style {
// The unspecified value. Do not use.
STYLE_UNSPECIFIED = 0;
// This resource is intended to be "declarative-friendly".
//
// Declarative-friendly resources must be more strictly consistent, and
// setting this to true communicates to tools that this resource should
// adhere to declarative-friendly expectations.
//
// Note: This is used by the API linter (linter.aip.dev) to enable
// additional checks.
DECLARATIVE_FRIENDLY = 1;
}
// The resource type. It must be in the format of
// {service_name}/{resource_type_kind}. The `resource_type_kind` must be
// singular and must not include version numbers.
//
// Example: `storage.googleapis.com/Bucket`
//
// The value of the resource_type_kind must follow the regular expression
// /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
// should use PascalCase (UpperCamelCase). The maximum number of
// characters allowed for the `resource_type_kind` is 100.
string type = 1;
// Optional. The relative resource name pattern associated with this resource
// type. The DNS prefix of the full resource name shouldn't be specified here.
//
// The path pattern must follow the syntax, which aligns with HTTP binding
// syntax:
//
// Template = Segment { "/" Segment } ;
// Segment = LITERAL | Variable ;
// Variable = "{" LITERAL "}" ;
//
// Examples:
//
// - "projects/{project}/topics/{topic}"
// - "projects/{project}/knowledgeBases/{knowledge_base}"
//
// The components in braces correspond to the IDs for each resource in the
// hierarchy. It is expected that, if multiple patterns are provided,
// the same component name (e.g. "project") refers to IDs of the same
// type of resource.
repeated string pattern = 2;
// Optional. The field on the resource that designates the resource name
// field. If omitted, this is assumed to be "name".
string name_field = 3;
// Optional. The historical or future-looking state of the resource pattern.
//
// Example:
//
// // The InspectTemplate message originally only supported resource
// // names with organization, and project was added later.
// message InspectTemplate {
// option (google.api.resource) = {
// type: "dlp.googleapis.com/InspectTemplate"
// pattern:
// "organizations/{organization}/inspectTemplates/{inspect_template}"
// pattern: "projects/{project}/inspectTemplates/{inspect_template}"
// history: ORIGINALLY_SINGLE_PATTERN
// };
// }
History history = 4;
// The plural name used in the resource name and permission names, such as
// 'projects' for the resource name of 'projects/{project}' and the permission
// name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
// concept of the `plural` field in k8s CRD spec
// https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
//
// Note: The plural form is required even for singleton resources. See
// https://aip.dev/156
string plural = 5;
// The same concept of the `singular` field in k8s CRD spec
// https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
// Such as "project" for the `resourcemanager.googleapis.com/Project` type.
string singular = 6;
// Style flag(s) for this resource.
// These indicate that a resource is expected to conform to a given
// style. See the specific style flags for additional information.
repeated Style style = 10;
}
// Defines a proto annotation that describes a string field that refers to
// an API resource.
message ResourceReference {
// The resource type that the annotated field references.
//
// Example:
//
// message Subscription {
// string topic = 2 [(google.api.resource_reference) = {
// type: "pubsub.googleapis.com/Topic"
// }];
// }
//
// Occasionally, a field may reference an arbitrary resource. In this case,
// APIs use the special value * in their resource reference.
//
// Example:
//
// message GetIamPolicyRequest {
// string resource = 2 [(google.api.resource_reference) = {
// type: "*"
// }];
// }
string type = 1;
// The resource type of a child collection that the annotated field
// references. This is useful for annotating the `parent` field that
// doesn't have a fixed resource type.
//
// Example:
//
// message ListLogEntriesRequest {
// string parent = 1 [(google.api.resource_reference) = {
// child_type: "logging.googleapis.com/LogEntry"
// };
// }
string child_type = 2;
}
|