davidkotnik/novafarma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add new gcloud commands, API clients, and third-party libraries across various services.

Browse Source
This commit is contained in:
David Kotnik
2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/__init__.py Normal file
View File

@@ -0,0 +1,39 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
"""Manage Network Security resources."""
from googlecloudsdk.calliope import base
from surface.network_security import _init_extensions as extensions
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
@base.Autogenerated
class NetworkSecurityAlpha(extensions.NetworkSecurityAlpha):
"""Manage Network Security resources."""
@base.ReleaseTracks(base.ReleaseTrack.BETA)
@base.Autogenerated
class NetworkSecurityBeta(extensions.NetworkSecurityBeta):
"""Manage Network Security resources."""
@base.ReleaseTracks(base.ReleaseTrack.GA)
@base.Autogenerated
class NetworkSecurityGa(extensions.NetworkSecurityGa):
"""Manage Network Security resources."""

49
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/_init_extensions.py Normal file
View File

@@ -0,0 +1,49 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
"""File to add optional custom code to extend __init__.py."""
from googlecloudsdk.calliope import base
class NetworkSecurityAlpha(base.Group):
"""Optional no-auto-generated code for ALPHA."""
category = base.NETWORK_SECURITY_CATEGORY
def Filter(self, context, args):
# TODO(b/190537848): Determine if command group works with project number
base.RequireProjectID(args)
del context, args
class NetworkSecurityBeta(base.Group):
"""Optional no-auto-generated code for BETA."""
category = base.NETWORK_SECURITY_CATEGORY
def Filter(self, context, args):
# TODO(b/190537848): Determine if command group works with project number
base.RequireProjectID(args)
del context, args
class NetworkSecurityGa(base.Group):
"""Optional no-auto-generated code for GA."""
category = base.NETWORK_SECURITY_CATEGORY
def Filter(self, context, args):
# TODO(b/190537848): Determine if command group works with project number
base.RequireProjectID(args)
del context, args

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/__init__.py Normal file
View File

@@ -0,0 +1,29 @@
# -*- coding: utf-8 -*- #
# Copyright 2021 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Network Security Address Groups."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class AddressGroups(base.Group):
"""Manage Network Security AddressGroups."""
category = base.NETWORK_SECURITY_CATEGORY

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/add_items.yaml Normal file
View File

@@ -0,0 +1,38 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Add items to an address group.
description: |
Add items to an existing address group.
examples: |
Add an item to an address group named ``my-address-group''.
$ {command} my-address-group --items=192.168.1.1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:addressGroup
help_text: Name of the address group to be updated.
params:
- arg_name: items
api_field: addAddressGroupItemsRequest.items
help_text: Items to be added to the address group.
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
method: addItems
collection: networksecurity.projects.locations.addressGroups
response:
modify_response_hooks:
- googlecloudsdk.command_lib.network_security.util:LogAddItemsSuccess

40
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/clone_items.yaml Normal file
View File

@@ -0,0 +1,40 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Clone items from source address group.
description: |
Clone items from source address group.
examples: |
Clone items from source address group named ``other-address-group''.
$ {command} my-address-group --source=projects/other/locations/global/other-address-group
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:addressGroup
help_text: Name of the address group to be updated.
params:
- arg_name: source
api_field: cloneAddressGroupItemsRequest.sourceAddressGroup
help_text: Source address group to be cloned from.
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
method: cloneItems
modify_request_hooks:
- googlecloudsdk.command_lib.network_security.util:FormatSourceAddressGroup
collection: networksecurity.projects.locations.addressGroups
response:
modify_response_hooks:
- googlecloudsdk.command_lib.network_security.util:LogCloneItemsSuccess

69
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/create.yaml Normal file
View File

@@ -0,0 +1,69 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Create an address group.
description: |
Create a new address group with the given name.
examples: |
Create an address group with the name ``my-address-group'', type ``IPV4'', capacity ``100'' and the description ``optional description''.
$ {command} my-address-group --type=IPV4 --capacity=100 --description="optional description"
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:addressGroup
help_text: |
Name of the address group to be created.
params:
- arg_name: description
api_field: addressGroup.description
help_text: Description of the address group.
- arg_name: type
api_field: addressGroup.type
help_text: Type of the address group.
required: true
choices:
- arg_value: ipv4
enum_value: ipv4
- arg_value: ipv6
enum_value: ipv6
- arg_name: capacity
api_field: addressGroup.capacity
help_text: Capacity of the address group.
required: true
- arg_name: items
api_field: addressGroup.items
help_text: Items of the address group.
- arg_name: purpose
api_field: addressGroup.purpose
help_text: |
List of Address Group purposes.
choices:
- arg_value: DEFAULT
enum_value: DEFAULT
- arg_value: CLOUD-ARMOR
enum_value: CLOUD_ARMOR
- arg_name: labels
api_field: addressGroup.labels.additionalProperties
metavar: KEY=VALUE
help_text: |
List of label KEY=VALUE pairs to add.
type:
arg_dict:
flatten: true
spec:
- api_field: key
- api_field: value
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.addressGroups
method: create

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/delete.yaml Normal file
View File

@@ -0,0 +1,29 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Delete address group.
description: |
Delete the specified address group.
examples: |
To delete an address group called 'my-address-group', run:
$ {command} my-address-group --location=global
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:addressGroup
help_text: |
Name of the address group you want to delete.
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.addressGroups

25
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/describe.yaml Normal file
View File

@@ -0,0 +1,25 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Describe an address group.
description: Show details of an address group.
examples: |
Show details about an address group named ``my-address-group''.
$ {command} my-address-group
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:addressGroup
help_text: Name of the address group to be described.
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.addressGroups

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/list.yaml Normal file
View File

@@ -0,0 +1,38 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
List address groups.
description: |
List all address groups in the specified location of the current project.
examples: |
To list address groups in the current project, run:
$ {command} --location=global
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.addressGroups
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:location
help_text: |
The project of the address groups to display.
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME,
type:label=TYPE,
capacity:label=CAPACITY,
items.len():label=USAGE
)

62
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/list_references.py Normal file
View File

@@ -0,0 +1,62 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""ListReference command for the AddressGroup under Project."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import flags
from googlecloudsdk.command_lib.network_security import util
@base.DefaultUniverseOnly
@base.ReleaseTracks(base.ReleaseTrack.GA)
class ListReferences(base.ListCommand):
"""Lists References of an Address Group."""
_release_track = base.ReleaseTrack.GA
detailed_help = {
'EXAMPLES':
"""\
To list References of address group named my-address-group.
$ {command} my-address-group
"""
}
@classmethod
def Args(cls, parser):
flags.AddProjectAddressGroupToParser(cls._release_track, parser)
flags.AddListReferencesFormat(parser)
def Run(self, args):
return util.ListProjectAddressGroupReferences(self._release_track, args)
@base.DefaultUniverseOnly
@base.ReleaseTracks(base.ReleaseTrack.BETA)
class ListReferencesBeta(ListReferences):
"""Lists References of an Address Group."""
_release_track = base.ReleaseTrack.BETA
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class ListReferencesAlpha(ListReferences):
"""Lists References of an Address Group."""
_release_track = base.ReleaseTrack.ALPHA

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/remove_items.yaml Normal file
View File

@@ -0,0 +1,38 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Remove items from an address group.
description: |
Remove items from an existing address group.
examples: |
Remove an item from an address group named ``my-address-group''.
$ {command} my-address-group --items=192.168.1.1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:addressGroup
help_text: Name of the address group to be updated.
params:
- arg_name: items
api_field: removeAddressGroupItemsRequest.items
help_text: Items to be removed from the address group.
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
method: removeItems
collection: networksecurity.projects.locations.addressGroups
response:
modify_response_hooks:
- googlecloudsdk.command_lib.network_security.util:LogRemoveItemsSuccess

47
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/address_groups/update.yaml Normal file
View File

@@ -0,0 +1,47 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Update an address group.
description: |
Update the details of an address group.
examples: |
Update description of an address group named ``my-address-group''.
$ {command} my-address-group --description="New description"
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:addressGroup
help_text: Name of the address group to be updated.
params:
- arg_name: description
api_field: addressGroup.description
help_text: New description of the address group.
- arg_name: items
api_field: addressGroup.items
help_text: Items of the address group.
- arg_name: purpose
api_field: addressGroup.purpose
help_text: |
List of Address Group purposes.
choices:
- arg_value: DEFAULT
enum_value: DEFAULT
- arg_value: CLOUD-ARMOR
enum_value: CLOUD_ARMOR
labels:
api_field: addressGroup.labels
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.addressGroups

28
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authorization_policies/__init__.py Normal file
View File

@@ -0,0 +1,28 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Network Security Authorization Policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class AuthorizationPolicies(base.Group):
"""Manage Network Security AuthorizationPolicies."""
category = base.NETWORK_SECURITY_CATEGORY

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authorization_policies/delete.yaml Normal file
View File

@@ -0,0 +1,29 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Delete authorization policy.
description: |
Delete the specified authorization policy.
examples: |
To delete an authorization policy called 'my-authz-policy', run:
$ {command} my-authz-policy --location=global
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:authorizationPolicy
help_text: |
Name of the authorization policy you want to delete.
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.authorizationPolicies

25
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authorization_policies/export.yaml Normal file
View File

@@ -0,0 +1,25 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Export authorization policy.
description: |
Export an authorization policy.
examples: |
To export an authorization policy, run:
$ {command} my-authz-policy --destination=my-authz-policy.yaml --location=global
request:
collection: networksecurity.projects.locations.authorizationPolicies
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:authorizationPolicy
help_text: |
Name of the authorization policy to export.

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authorization_policies/import.yaml Normal file
View File

@@ -0,0 +1,39 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Import authorization policy.
description: |
Import an authorization policy.
examples: |
To import an authorization policy from a YAML file, run:
$ {command} my-authz-policy --source=my-authz-policy.yaml --location=global
request:
collection: networksecurity.projects.locations.authorizationPolicies
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:authorizationPolicy
help_text: |
Name of the authorization policy to import.
async:
collection: networksecurity.projects.locations.operations
import:
abort_if_equivalent: true
create_if_not_exists: true
create_request:
collection: networksecurity.projects.locations.authorizationPolicies
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
method: create

35
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authorization_policies/list.yaml Normal file
View File

@@ -0,0 +1,35 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
List authorization policies.
description: |
List all authorization policies in the specified location of the current project.
examples: |
To list authorization policies in the current project, run:
$ {command} --location=global
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.authorizationPolicies
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:location
help_text: |
The project of the authorization policies to display.
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME
)

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authz_policies/__init__.py Normal file
View File

@@ -0,0 +1,29 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Network Security Authz Policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
@base.DefaultUniverseOnly
class AuthzPolicies(base.Group):
"""Manage Network Security `AuthzPolicy` resources."""
category = base.NETWORK_SECURITY_CATEGORY

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authz_policies/delete.yaml Normal file
View File

@@ -0,0 +1,29 @@
release_tracks: [BETA, GA]
help_text:
brief: |
Delete an `AuthzPolicy` resource.
description: |
Delete the specified `AuthzPolicy` resource.
examples: |
To delete an `AuthzPolicy` resource named
`my-authz-policy` in `us-central1`, run:
$ {command} my-authz-policy --location=us-central1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:authzPolicy
help_text: |
The ID of the deleted `AuthzPolicy` resource.
async:
collection: networksecurity.projects.locations.operations
request: &request
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.authzPolicies

25
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authz_policies/describe.yaml Normal file
View File

@@ -0,0 +1,25 @@
release_tracks: [BETA, GA]
help_text:
brief: |
Describe an `AuthzPolicy` resource.
description: |
Show details about an `AuthzPolicy` resource.
examples: |
To show details about the `AuthzPolicy` resource named
`my-authz-policy` located in `us-central1`.
$ {command} my-authz-policy --location=us-central1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:authzPolicy
help_text: The ID of the `AuthzPolicy` resource.
request: &request
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.authzPolicies

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authz_policies/import.yaml Normal file
View File

@@ -0,0 +1,38 @@
release_tracks: [BETA, GA]
help_text:
brief: |
Import an `AuthzPolicy` resource.
description: |
Import an `AuthzPolicy` resource defined in a YAML file.
examples: |
To import an `AuthzPolicy` resource named
`my-authz-poilcy` from a YAML file in `us-central1`, run:
$ {command} my-authz-policy --source=my-authz-policy.yaml --location=us-central1
request:
collection: networksecurity.projects.locations.authzPolicies
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:authzPolicy
help_text: |
The ID of the new or updated `AuthzPolicy` resource.
async:
collection: networksecurity.projects.locations.operations
import:
abort_if_equivalent: true
create_if_not_exists: true
create_request:
collection: networksecurity.projects.locations.authzPolicies
BETA:
api_version: v1beta1
GA:
api_version: v1
method: create

38
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/authz_policies/list.yaml Normal file
View File

@@ -0,0 +1,38 @@
release_tracks: [BETA, GA]
help_text:
brief: |
List `AuthzPolicy` resources.
description: |
List all `AuthzPolicy` resources in the specified location of the
current project.
examples: |
To list all `AuthzPolicy` resources in the current project located
in `us-central1` region run:
$ {command} --location=us-central1
request: &request
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.authzPolicies
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:location
help_text: |
The parent location.
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME,
target.loadBalancingScheme,
updateTime.date(unit=1000, tz_default=UTC):label=LAST_MODIFIED
)

31
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/backend_authentication_configs/__init__.py Normal file
View File

@@ -0,0 +1,31 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Network Security BackendAuthenticationConfigs."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.UniverseCompatible
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class BackendAuthenticationConfigs(base.Group):
"""Manage Network Security BackendAuthenticationConfigs."""
category = base.NETWORK_SECURITY_CATEGORY

63
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/backend_authentication_configs/create.yaml Normal file
View File

@@ -0,0 +1,63 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Create a BackendAuthenticationConfig.
description: |
Create a new BackendAuthenticationConfig.
examples: |
To create a config named `backend-authentication-config`, run:
$ {command} backend-authentication-config \
--trust-config=projects/my-project/locations/global/trustConfigs/my-trust-config \
--location=global
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:backendAuthenticationConfig
help_text: |
Realm to be created.
params:
- arg_name: description
api_field: backendAuthenticationConfig.description
help_text: Description of the backend authentication config.
- arg_name: client-certificate
api_field: backendAuthenticationConfig.clientCertificate
help_text: ID of certificate resource.
- arg_name: trust-config
api_field: backendAuthenticationConfig.trustConfig
help_text: ID of trust config resource.
- arg_name: well-known-roots
api_field: backendAuthenticationConfig.wellKnownRoots
choices:
- arg_value: none
enum_value: NONE
- arg_value: public-roots
enum_value: PUBLIC_ROOTS
help_text: Indicates whether the load balancer should trust backend server certificates.
- arg_name: labels
api_field: backendAuthenticationConfig.labels.additionalProperties
metavar: KEY=VALUE
help_text: |
List of label KEY=VALUE pairs to add.
type:
arg_dict:
flatten: true
spec:
- api_field: key
- api_field: value
async:
collection: networksecurity.projects.locations.operations
output:
format: yaml
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.backendAuthenticationConfigs
method: create

33
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/backend_authentication_configs/delete.yaml Normal file
View File

@@ -0,0 +1,33 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Delete BackendAuthenticationConfig.
description: |
Delete the specified BackendAuthenticationConfig.
examples: |
To delete a BackendAuthenticationConfig called 'my-backend-authentication-config', run:
$ {command} my-backend-authentication-config --location=global
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:backendAuthenticationConfig
help_text: |
Name of the BackendAuthenticationConfig you want to delete.
params:
- arg_name: etag
api_field: etag
help_text: The entity-tag of the BackendAuthenticationConfig.
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.backendAuthenticationConfigs

25
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/backend_authentication_configs/describe.yaml Normal file
View File

@@ -0,0 +1,25 @@
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Describe BackendAuthenticationConfig.
description: |
Describe the specified BackendAuthenticationConfig.
examples: |
To describe a BackendAuthenticationConfig called 'my-backend-authentication-config', run:
$ {command} my-backend-authentication-config --location=global
request:
collection: networksecurity.projects.locations.backendAuthenticationConfigs
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
help_text: The BackendAuthenticationConfig you want to describe.
spec: !REF googlecloudsdk.command_lib.network_security.resources:backendAuthenticationConfig

25
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/backend_authentication_configs/export.yaml Normal file
View File

@@ -0,0 +1,25 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Export BackendAuthenticationConfig.
description: |
Export a BackendAuthenticationConfig.
examples: |
To export a BackendAuthenticationConfig, run:
$ {command} my-backend-authentication-config --destination=my-backend-authentication-config.yaml --location=global
request:
collection: networksecurity.projects.locations.backendAuthenticationConfigs
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:backendAuthenticationConfig
help_text: |
Name of the BackendAuthenticationConfig to export.

37
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/backend_authentication_configs/import.yaml Normal file
View File

@@ -0,0 +1,37 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Import BackendAuthenticationConfigs.
description: |
Import a BackendAuthenticationConfigs.
examples: |
To import a BackendAuthenticationConfigs from a YAML file, run:
$ {command} my-backend-authentication-config --source=my-backend-authentication-config.yaml --location=global
request:
collection: networksecurity.projects.locations.backendAuthenticationConfigs
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:backendAuthenticationConfig
help_text: |
Name of the BackendAuthenticationConfigs to import.
async:
collection: networksecurity.projects.locations.operations
import:
abort_if_equivalent: true
create_if_not_exists: true
create_request:
collection: networksecurity.projects.locations.backendAuthenticationConfigs
ALPHA:
api_version: v1alpha1
method: create

40
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/backend_authentication_configs/list.yaml Normal file
View File

@@ -0,0 +1,40 @@
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
List BackendAuthenticationConfigs.
description: |
List all BackendAuthenticationConfigs in the current project.
examples: |
To list BackendAuthenticationConfigs in the current project, run:
$ {command}
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.backendAuthenticationConfigs
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:allDefaultLocation
help_text: |
The location of the BackendAuthenticationConfigs to display.
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME:sort=1,
name.segment(3):label=LOCATION,
wellKnownRoots:label=WELL_KNOWN_ROOTS,
description:label=DESCRIPTION,
createTime:label=CREATE_TIME,
updateTime:label=UPDATE_TIME
)

28
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/client_tls_policies/__init__.py Normal file
View File

@@ -0,0 +1,28 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Network Security Client TLS Policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA,
base.ReleaseTrack.GA)
class ClientTlsPolicies(base.Group):
"""Manage Network Security ClientTlsPolicies."""
category = base.NETWORK_SECURITY_CATEGORY

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/client_tls_policies/delete.yaml Normal file
View File

@@ -0,0 +1,29 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Delete ClientTlsPolicy.
description: |
Delete the specified ClientTlsPolicy.
examples: |
To delete a ClientTlsPolicy called 'my-client-tls-policy', run:
$ {command} my-client-tls-policy --location=global
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:clientTlsPolicy
help_text: |
Name of the ClientTlsPolicy you want to delete.
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.clientTlsPolicies

25
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/client_tls_policies/export.yaml Normal file
View File

@@ -0,0 +1,25 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Export ClientTlsPolicy.
description: |
Export a ClientTlsPolicy.
examples: |
To export a ClientTlsPolicy, run:
$ {command} my-client-tls-policy --destination=my-client-tls-policy.yaml --location=global
request:
collection: networksecurity.projects.locations.clientTlsPolicies
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:clientTlsPolicy
help_text: |
Name of the ClientTlsPolicy to export.

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/client_tls_policies/import.yaml Normal file
View File

@@ -0,0 +1,39 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Import ClientTlsPolicy.
description: |
Import a ClientTlsPolicy.
examples: |
To import a ClientTlsPolicy from a YAML file, run:
$ {command} my-client-tls-policy --source=my-client-tls-policy.yaml --location=global
request:
collection: networksecurity.projects.locations.clientTlsPolicies
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:clientTlsPolicy
help_text: |
Name of the ClientTlsPolicy to import.
async:
collection: networksecurity.projects.locations.operations
import:
abort_if_equivalent: true
create_if_not_exists: true
create_request:
collection: networksecurity.projects.locations.clientTlsPolicies
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
method: create

35
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/client_tls_policies/list.yaml Normal file
View File

@@ -0,0 +1,35 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
List ClientTlsPolicies.
description: |
List all ClientTlsPolicies in the specified location of the current project.
examples: |
To list ClientTlsPolicies in the current project, run:
$ {command} --location=global
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.clientTlsPolicies
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:location
help_text: |
The project of the ClientTlsPolicies to display.
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME
)

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/__init__.py Normal file
View File

@@ -0,0 +1,39 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
"""Manage Dns Threat Detector resources."""
from googlecloudsdk.calliope import base
from surface.network_security.dns_threat_detectors import _init_extensions as extensions
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
@base.Autogenerated
class DnsThreatDetectorsAlpha(extensions.DnsThreatDetectorsAlpha):
"""Manage Dns Threat Detector resources."""
@base.ReleaseTracks(base.ReleaseTrack.BETA)
@base.Autogenerated
class DnsThreatDetectorsBeta(extensions.DnsThreatDetectorsBeta):
"""Manage Dns Threat Detector resources."""
@base.ReleaseTracks(base.ReleaseTrack.GA)
@base.Autogenerated
class DnsThreatDetectorsGa(extensions.DnsThreatDetectorsGa):
"""Manage Dns Threat Detector resources."""

31
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_init_extensions.py Normal file
View File

@@ -0,0 +1,31 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
"""File to add optional custom code to extend __init__.py."""
from googlecloudsdk.calliope import base
class DnsThreatDetectorsAlpha(base.Group):
"""Optional no-auto-generated code for ALPHA."""
class DnsThreatDetectorsBeta(base.Group):
"""Optional no-auto-generated code for BETA."""
class DnsThreatDetectorsGa(base.Group):
"""Optional no-auto-generated code for GA."""

74
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_create_alpha.yaml Normal file
View File

@@ -0,0 +1,74 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- ALPHA
auto_generated: true
help_text:
brief: Create a DnsThreatDetector resource
description: Create a DnsThreatDetector resource.
examples: |-
To create `DnsThreatDetector` resource `my-dns-threat-detector`, and using the Infoblox threat detection engine, run:
$ {command} --location=global --provider=infoblox my-dns-threat-detector
arguments:
params:
- help_text: |-
Identifier. Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
request_id_field: dnsThreatDetectorId
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1alpha1_resources:projects_locations_dns_threat_detectors
required: true
- arg_name: labels
api_field: dnsThreatDetector.labels
required: false
repeated: true
help_text: |-
Any labels associated with the DnsThreatDetector, listed as key value
pairs.
spec:
- api_field: key
- api_field: value
- arg_name: excluded-networks
help_text: |-
A list of network resource names which aren't monitored by this
DnsThreatDetector.
Example:
`projects/PROJECT_ID/global/networks/NETWORK_NAME`.
is_positional: false
is_primary_resource: false
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1alpha1_resources:projects_none_networks
resource_method_params:
dnsThreatDetector.excludedNetworks: '{__relative_name__}'
required: false
repeated: true
- arg_name: provider
api_field: dnsThreatDetector.provider
required: true
help_text: |-
The provider used for DNS threat analysis.
choices:
- arg_value: infoblox
enum_value: INFOBLOX
help_text: |-
The Infoblox DNS threat detector provider.
request:
api_version: v1alpha1
collection:
- networksecurity.projects.locations.dnsThreatDetectors

74
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_create_beta.yaml Normal file
View File

@@ -0,0 +1,74 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- BETA
auto_generated: true
help_text:
brief: Create a DnsThreatDetector resource
description: Create a DnsThreatDetector resource.
examples: |-
To create `DnsThreatDetector` resource `my-dns-threat-detector`, and using the Infoblox threat detection engine, run:
$ {command} --location=global --provider=infoblox my-dns-threat-detector
arguments:
params:
- help_text: |-
Identifier. Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
request_id_field: dnsThreatDetectorId
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1beta1_resources:projects_locations_dns_threat_detectors
required: true
- arg_name: labels
api_field: dnsThreatDetector.labels
required: false
repeated: true
help_text: |-
Any labels associated with the DnsThreatDetector, listed as key value
pairs.
spec:
- api_field: key
- api_field: value
- arg_name: excluded-networks
help_text: |-
A list of network resource names which aren't monitored by this
DnsThreatDetector.
Example:
`projects/PROJECT_ID/global/networks/NETWORK_NAME`.
is_positional: false
is_primary_resource: false
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1beta1_resources:projects_none_networks
resource_method_params:
dnsThreatDetector.excludedNetworks: '{__relative_name__}'
required: false
repeated: true
- arg_name: provider
api_field: dnsThreatDetector.provider
required: true
help_text: |-
The provider used for DNS threat analysis.
choices:
- arg_value: infoblox
enum_value: INFOBLOX
help_text: |-
The Infoblox DNS threat detector provider.
request:
api_version: v1beta1
collection:
- networksecurity.projects.locations.dnsThreatDetectors

74
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_create_ga.yaml Normal file
View File

@@ -0,0 +1,74 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- GA
auto_generated: true
help_text:
brief: Create a DnsThreatDetector resource
description: Create a DnsThreatDetector resource.
examples: |-
To create `DnsThreatDetector` resource `my-dns-threat-detector`, and using the Infoblox threat detection engine, run:
$ {command} --location=global --provider=infoblox my-dns-threat-detector
arguments:
params:
- help_text: |-
Identifier. Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
request_id_field: dnsThreatDetectorId
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1_resources:projects_locations_dns_threat_detectors
required: true
- arg_name: labels
api_field: dnsThreatDetector.labels
required: false
repeated: true
help_text: |-
Any labels associated with the DnsThreatDetector, listed as key value
pairs.
spec:
- api_field: key
- api_field: value
- arg_name: excluded-networks
help_text: |-
A list of network resource names which aren't monitored by this
DnsThreatDetector.
Example:
`projects/PROJECT_ID/global/networks/NETWORK_NAME`.
is_positional: false
is_primary_resource: false
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1_resources:projects_none_networks
resource_method_params:
dnsThreatDetector.excludedNetworks: '{__relative_name__}'
required: false
repeated: true
- arg_name: provider
api_field: dnsThreatDetector.provider
required: true
help_text: |-
The provider used for DNS threat analysis.
choices:
- arg_value: infoblox
enum_value: INFOBLOX
help_text: |-
The Infoblox DNS threat detector provider.
request:
api_version: v1
collection:
- networksecurity.projects.locations.dnsThreatDetectors

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_delete_alpha.yaml Normal file
View File

@@ -0,0 +1,39 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- ALPHA
auto_generated: true
help_text:
brief: Delete a DnsThreatDetector resource
description: Delete a DnsThreatDetector resource.
examples: |-
To delete `DnsThreatDetector` resource `my-dns-threat-detector`, run:
$ {command} --location=global my-dns-threat-detector
arguments:
params:
- help_text: |-
Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1alpha1_resources:projects_locations_dns_threat_detectors
required: true
request:
api_version: v1alpha1
collection:
- networksecurity.projects.locations.dnsThreatDetectors

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_delete_beta.yaml Normal file
View File

@@ -0,0 +1,39 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- BETA
auto_generated: true
help_text:
brief: Delete a DnsThreatDetector resource
description: Delete a DnsThreatDetector resource.
examples: |-
To delete `DnsThreatDetector` resource `my-dns-threat-detector`, run:
$ {command} --location=global my-dns-threat-detector
arguments:
params:
- help_text: |-
Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1beta1_resources:projects_locations_dns_threat_detectors
required: true
request:
api_version: v1beta1
collection:
- networksecurity.projects.locations.dnsThreatDetectors

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_delete_ga.yaml Normal file
View File

@@ -0,0 +1,39 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- GA
auto_generated: true
help_text:
brief: Delete a DnsThreatDetector resource
description: Delete a DnsThreatDetector resource.
examples: |-
To delete `DnsThreatDetector` resource `my-dns-threat-detector`, run:
$ {command} --location=global my-dns-threat-detector
arguments:
params:
- help_text: |-
Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1_resources:projects_locations_dns_threat_detectors
required: true
request:
api_version: v1
collection:
- networksecurity.projects.locations.dnsThreatDetectors

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_describe_alpha.yaml Normal file
View File

@@ -0,0 +1,39 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- ALPHA
auto_generated: true
help_text:
brief: Describe a DnsThreatDetector resource
description: Gets details of a DnsThreatDetector resource.
examples: |-
To get details of `DnsThreatDetector` resource `my-dns-threat-detector`, run:
$ {command} --location=global my-dns-threat-detector
arguments:
params:
- help_text: |-
Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1alpha1_resources:projects_locations_dns_threat_detectors
required: true
request:
api_version: v1alpha1
collection:
- networksecurity.projects.locations.dnsThreatDetectors

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_describe_beta.yaml Normal file
View File

@@ -0,0 +1,39 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- BETA
auto_generated: true
help_text:
brief: Describe a DnsThreatDetector resource
description: Gets details of a DnsThreatDetector resource.
examples: |-
To get details of `DnsThreatDetector` resource `my-dns-threat-detector`, run:
$ {command} --location=global my-dns-threat-detector
arguments:
params:
- help_text: |-
Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1beta1_resources:projects_locations_dns_threat_detectors
required: true
request:
api_version: v1beta1
collection:
- networksecurity.projects.locations.dnsThreatDetectors

39
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_describe_ga.yaml Normal file
View File

@@ -0,0 +1,39 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- GA
auto_generated: true
help_text:
brief: Describe a DnsThreatDetector resource
description: Gets details of a DnsThreatDetector resource.
examples: |-
To get details of `DnsThreatDetector` resource `my-dns-threat-detector`, run:
$ {command} --location=global my-dns-threat-detector
arguments:
params:
- help_text: |-
Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1_resources:projects_locations_dns_threat_detectors
required: true
request:
api_version: v1
collection:
- networksecurity.projects.locations.dnsThreatDetectors

41
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_list_alpha.yaml Normal file
View File

@@ -0,0 +1,41 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- ALPHA
auto_generated: true
help_text:
brief: List DnsThreatDetector resources
description: Lists all DnsThreatDetector resources.
examples: |-
To list all `DnsThreatDetector` resources, run:
$ {command} --location=global
arguments:
params:
- help_text: |-
The parent value for `ListDnsThreatDetectorsRequest`.
is_positional: false
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1alpha1_resources:projects_locations
required: true
request:
api_version: v1alpha1
collection:
- networksecurity.projects.locations.dnsThreatDetectors
response:
id_field: name

41
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_list_beta.yaml Normal file
View File

@@ -0,0 +1,41 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- BETA
auto_generated: true
help_text:
brief: List DnsThreatDetector resources
description: Lists all DnsThreatDetector resources.
examples: |-
To list all `DnsThreatDetector` resources, run:
$ {command} --location=global
arguments:
params:
- help_text: |-
The parent value for `ListDnsThreatDetectorsRequest`.
is_positional: false
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1beta1_resources:projects_locations
required: true
request:
api_version: v1beta1
collection:
- networksecurity.projects.locations.dnsThreatDetectors
response:
id_field: name

41
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_list_ga.yaml Normal file
View File

@@ -0,0 +1,41 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- GA
auto_generated: true
help_text:
brief: List DnsThreatDetector resources
description: Lists all DnsThreatDetector resources.
examples: |-
To list all `DnsThreatDetector` resources, run:
$ {command} --location=global
arguments:
params:
- help_text: |-
The parent value for `ListDnsThreatDetectorsRequest`.
is_positional: false
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1_resources:projects_locations
required: true
request:
api_version: v1
collection:
- networksecurity.projects.locations.dnsThreatDetectors
response:
id_field: name

80
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_update_alpha.yaml Normal file
View File

@@ -0,0 +1,80 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- ALPHA
auto_generated: true
help_text:
brief: Update a DnsThreatDetector resource
description: Update a DnsThreatDetector resource.
examples: |-
To update `DnsThreatDetector` resource `my-dns-threat-detector` with an additional excluded network, run:
$ {command} --location=global --add-excluded-networks=projects/.../global/networks/my-excluded-network my-dns-threat-detector
arguments:
params:
- help_text: |-
Identifier. Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1alpha1_resources:projects_locations_dns_threat_detectors
required: true
- arg_name: labels
api_field: dnsThreatDetector.labels
required: false
repeated: true
help_text: |-
Any labels associated with the DnsThreatDetector, listed as key value
pairs.
clearable: true
spec:
- api_field: key
- api_field: value
- arg_name: excluded-networks
help_text: |-
A list of network resource names which aren't monitored by this
DnsThreatDetector.
Example:
`projects/PROJECT_ID/global/networks/NETWORK_NAME`.
is_positional: false
is_primary_resource: false
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1alpha1_resources:projects_none_networks
resource_method_params:
dnsThreatDetector.excludedNetworks: '{__relative_name__}'
required: false
repeated: true
clearable: true
- arg_name: provider
api_field: dnsThreatDetector.provider
required: false
help_text: |-
The provider used for DNS threat analysis.
choices:
- arg_value: infoblox
enum_value: INFOBLOX
help_text: |-
The Infoblox DNS threat detector provider.
request:
api_version: v1alpha1
collection:
- networksecurity.projects.locations.dnsThreatDetectors
static_fields:
updateMask: '*'
update:
read_modify_update: true
disable_auto_field_mask: true

80
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_update_beta.yaml Normal file
View File

@@ -0,0 +1,80 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- BETA
auto_generated: true
help_text:
brief: Update a DnsThreatDetector resource
description: Update a DnsThreatDetector resource.
examples: |-
To update `DnsThreatDetector` resource `my-dns-threat-detector` with an additional excluded network, run:
$ {command} --location=global --add-excluded-networks=projects/.../global/networks/my-excluded-network my-dns-threat-detector
arguments:
params:
- help_text: |-
Identifier. Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1beta1_resources:projects_locations_dns_threat_detectors
required: true
- arg_name: labels
api_field: dnsThreatDetector.labels
required: false
repeated: true
help_text: |-
Any labels associated with the DnsThreatDetector, listed as key value
pairs.
clearable: true
spec:
- api_field: key
- api_field: value
- arg_name: excluded-networks
help_text: |-
A list of network resource names which aren't monitored by this
DnsThreatDetector.
Example:
`projects/PROJECT_ID/global/networks/NETWORK_NAME`.
is_positional: false
is_primary_resource: false
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1beta1_resources:projects_none_networks
resource_method_params:
dnsThreatDetector.excludedNetworks: '{__relative_name__}'
required: false
repeated: true
clearable: true
- arg_name: provider
api_field: dnsThreatDetector.provider
required: false
help_text: |-
The provider used for DNS threat analysis.
choices:
- arg_value: infoblox
enum_value: INFOBLOX
help_text: |-
The Infoblox DNS threat detector provider.
request:
api_version: v1beta1
collection:
- networksecurity.projects.locations.dnsThreatDetectors
static_fields:
updateMask: '*'
update:
read_modify_update: true
disable_auto_field_mask: true

80
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/_partials/_update_ga.yaml Normal file
View File

@@ -0,0 +1,80 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
- release_tracks:
- GA
auto_generated: true
help_text:
brief: Update a DnsThreatDetector resource
description: Update a DnsThreatDetector resource.
examples: |-
To update `DnsThreatDetector` resource `my-dns-threat-detector` with an additional excluded network, run:
$ {command} --location=global --add-excluded-networks=projects/.../global/networks/my-excluded-network my-dns-threat-detector
arguments:
params:
- help_text: |-
Identifier. Name of the DnsThreatDetector resource.
is_positional: true
is_primary_resource: true
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1_resources:projects_locations_dns_threat_detectors
required: true
- arg_name: labels
api_field: dnsThreatDetector.labels
required: false
repeated: true
help_text: |-
Any labels associated with the DnsThreatDetector, listed as key value
pairs.
clearable: true
spec:
- api_field: key
- api_field: value
- arg_name: excluded-networks
help_text: |-
A list of network resource names which aren't monitored by this
DnsThreatDetector.
Example:
`projects/PROJECT_ID/global/networks/NETWORK_NAME`.
is_positional: false
is_primary_resource: false
resource_spec: !REF googlecloudsdk.command_lib.network_security.v1_resources:projects_none_networks
resource_method_params:
dnsThreatDetector.excludedNetworks: '{__relative_name__}'
required: false
repeated: true
clearable: true
- arg_name: provider
api_field: dnsThreatDetector.provider
required: false
help_text: |-
The provider used for DNS threat analysis.
choices:
- arg_value: infoblox
enum_value: INFOBLOX
help_text: |-
The Infoblox DNS threat detector provider.
request:
api_version: v1
collection:
- networksecurity.projects.locations.dnsThreatDetectors
static_fields:
updateMask: '*'
update:
read_modify_update: true
disable_auto_field_mask: true

18
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/create.yaml Normal file
View File

@@ -0,0 +1,18 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
_PARTIALS_: true

18
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/delete.yaml Normal file
View File

@@ -0,0 +1,18 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
_PARTIALS_: true

18
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/describe.yaml Normal file
View File

@@ -0,0 +1,18 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
_PARTIALS_: true

18
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/list.yaml Normal file
View File

@@ -0,0 +1,18 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
_PARTIALS_: true

18
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/dns_threat_detectors/update.yaml Normal file
View File

@@ -0,0 +1,18 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# NOTE: This file is autogenerated and should not be edited by hand.
# AUTOGEN_CLI_VERSION: HEAD
_PARTIALS_: true

28
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_attachments/__init__.py Normal file
View File

@@ -0,0 +1,28 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command sub-group for Firewall attachments."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.Hidden
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class FirewallAttachments(base.Group):
"""Create and manage Firewall attachments."""
category = base.NETWORK_SECURITY_CATEGORY

96
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_attachments/create.py Normal file
View File

@@ -0,0 +1,96 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Create attachment command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.firewall_attachments import attachment_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import attachment_flags
from googlecloudsdk.command_lib.util.args import labels_util
DETAILED_HELP = {
'DESCRIPTION': """
Create a firewall attachment. Successful creation of an attachment results
in an attachment in READY state. Check the progress of attachment creation
by using `gcloud network-security firewall-attachments list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To create a firewall attachment called `my-attachment`, in zone
`us-central1-a` and project my-proj, run:
$ {command} my-attachment --zone=us-central1-a --project=my-proj
--producer-forwarding-rule=projects/my-proj/locations/us-central1-a/forwardingRule/my-fw
""",
}
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Create(base.CreateCommand):
"""Create a Firewall attachment."""
@classmethod
def Args(cls, parser):
attachment_flags.AddAttachmentResource(cls.ReleaseTrack(), parser)
attachment_flags.AddMaxWait(parser, '60m') # default to 60 minutes wait.
attachment_flags.AddProducerForwardingRuleArg(parser)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
labels_util.AddCreateLabelsFlags(parser)
def Run(self, args):
client = attachment_api.Client(self.ReleaseTrack())
attachment = args.CONCEPTS.firewall_attachment.Parse()
labels = labels_util.ParseCreateArgs(
args, client.messages.FirewallAttachment.LabelsValue
)
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.CreateAttachment(
attachment_id=attachment.Name(),
parent=attachment.Parent().RelativeName(),
producer_forwarding_rule_name=getattr(args, 'producer_forwarding_rule'),
labels=labels,
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have no format by default,
# but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for firewall attachment [{}] to be created'
.format(attachment.RelativeName())
),
has_result=True,
max_wait=max_wait,
)
Create.detailed_help = DETAILED_HELP

87
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_attachments/delete.py Normal file
View File

@@ -0,0 +1,87 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Delete attachment command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.firewall_attachments import attachment_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import attachment_flags
DETAILED_HELP = {
'DESCRIPTION': """
Delete a firewall attachment. Check the progress of attachment deletion
by using `gcloud network-security firewall-attachments list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To delete a firewall attachment called `my-attachment`, in zone
`us-central1-a` and project my-proj, run:
$ {command} my-attachment --zone=us-central1-a --project=my-proj
$ {command} projects/my-proj/locations/us-central1-a/firewallAttachments/my-attachment
""",
}
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Delete(base.DeleteCommand):
"""Delete a Firewall attachment."""
@classmethod
def Args(cls, parser):
attachment_flags.AddAttachmentResource(cls.ReleaseTrack(), parser)
attachment_flags.AddMaxWait(parser, '60m') # default to 60 minutes wait.
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
def Run(self, args):
client = attachment_api.Client(self.ReleaseTrack())
attachment = args.CONCEPTS.firewall_attachment.Parse()
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.DeleteAttachment(
name=attachment.RelativeName(),
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have no format by default,
# but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for firewall attachment [{}] to be deleted'
.format(attachment.RelativeName())
),
has_result=True,
max_wait=max_wait,
)
Delete.detailed_help = DETAILED_HELP

60
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_attachments/describe.py Normal file
View File

@@ -0,0 +1,60 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Describe attachment command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.firewall_attachments import attachment_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import attachment_flags
DETAILED_HELP = {
'DESCRIPTION': """
Describe a firewall attachment.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To get a description of a firewall attachment called `my-attachment`, in zone
`us-central1-a` and project my-proj, run:
$ {command} my-attachment --zone=us-central1-a --project=my-proj
$ {command} projects/my-proj/locations/us-central1-a/firewallAttachments/my-attachment
""",
}
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class Describe(base.DescribeCommand):
"""Describe a Firewall attachment."""
@classmethod
def Args(cls, parser):
attachment_flags.AddAttachmentResource(cls.ReleaseTrack(), parser)
def Run(self, args):
client = attachment_api.Client(self.ReleaseTrack())
attachment = args.CONCEPTS.firewall_attachment.Parse()
return client.DescribeAttachment(attachment.RelativeName())
Describe.detailed_help = DETAILED_HELP

75
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_attachments/list.py Normal file
View File

@@ -0,0 +1,75 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""List attachment command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.firewall_attachments import attachment_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import attachment_flags
DETAILED_HELP = {
'DESCRIPTION': """
List firewall attachments.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To list firewall attachments in project my-proj, run:
$ {command} --project=my-proj
""",
}
_FORMAT = """\
table(
name.scope("firewallAttachments"):label=ID,
name.scope("locations").segment(0):label=LOCATION,
state
)
"""
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
class List(base.ListCommand):
"""List Firewall attachments."""
@classmethod
def Args(cls, parser):
parser.display_info.AddFormat(_FORMAT)
parser.display_info.AddUriFunc(
attachment_flags.MakeGetUriFunc(cls.ReleaseTrack())
)
attachment_flags.AddProjectArg(
parser, help_text='The project for a list operation'
)
attachment_flags.AddZoneArg(
parser, required=False, help_text='The zone for a list operation'
)
def Run(self, args):
client = attachment_api.Client(self.ReleaseTrack())
zone = args.zone if args.zone else '-'
parent = 'projects/{}/locations/{}'.format(args.project, zone)
return client.ListAttachments(parent, args.limit, args.page_size)
List.detailed_help = DETAILED_HELP

26
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoint_associations/__init__.py Normal file
View File

@@ -0,0 +1,26 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command sub-group for Firewall Plus endpoint associations."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
class FirewallEndpointAssociations(base.Group):
"""Create and manage Firewall Plus endpoint associations."""
category = base.NETWORK_SECURITY_CATEGORY

130
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoint_associations/create.py Normal file
View File

@@ -0,0 +1,130 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Create endpoint association command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.firewall_endpoint_associations import association_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import association_flags
from googlecloudsdk.command_lib.util.args import labels_util
from googlecloudsdk.core import exceptions as core_exceptions
from googlecloudsdk.core import properties
DETAILED_HELP = {
'DESCRIPTION': """
Associate the specified network with the firewall endpoint. Successful
creation of a firewall endpoint association results in an association
in READY state. Check the progress of association creation by using
`gcloud network-security firewall-endpoint-associations list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To associate a network with a firewall endpoint, run:
$ {command} --network=projects/my-project/networks/global/myNetwork --endpoint=organizations/1234/locations/us-central1-a/firewallEndpoints/my-endpoint --zone=us-central1-a --project=my-project
""",
}
class Create(base.CreateCommand):
"""Create a Firewall Plus endpoint association."""
@classmethod
def Args(cls, parser):
association_flags.AddAssociationIDArg(parser)
association_flags.AddZoneArg(parser)
association_flags.AddEndpointResource(cls.ReleaseTrack(), parser)
association_flags.AddNetworkResource(parser)
association_flags.AddMaxWait(parser, '60m') # default to 60 minutes wait.
association_flags.AddTLSInspectionPolicy(cls.ReleaseTrack(), parser)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
labels_util.AddCreateLabelsFlags(parser)
def Run(self, args):
client = association_api.Client(self.ReleaseTrack())
project = args.project or properties.VALUES.core.project.GetOrFail()
zone = args.zone
parent = 'projects/{}/locations/{}'.format(project, zone)
association_id = args.association_id
labels = labels_util.ParseCreateArgs(
args, client.messages.FirewallEndpointAssociation.LabelsValue
)
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
network = args.CONCEPTS.network.Parse()
endpoint = args.CONCEPTS.endpoint.Parse()
tls_inspection_policy = None
if args.IsSpecified('tls_inspection_policy'):
tls_inspection_policy = args.CONCEPTS.tls_inspection_policy.Parse()
if tls_inspection_policy is None:
raise core_exceptions.Error(
'TLS Inspection Policy resource path is either malformed or missing'
' necessary flag `--tls-inspection-policy-region`.\nNOTE: TLS'
' Inspection Policy needs to be in the same region as Firewall Plus'
' endpoint resource.'
)
operation = client.CreateAssociation(
association_id=association_id,
parent=parent,
network=network.RelativeName(),
firewall_endpoint=endpoint.RelativeName(),
tls_inspection_policy=tls_inspection_policy.RelativeName()
if tls_inspection_policy is not None
else None,
labels=labels,
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have no format by default,
# but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
if association_id:
association_name = '{}/firewallEndpointAssociations/{}'.format(
parent, association_id
)
else:
association_name = 'between {} and {}'.format(
network.RelativeName(), endpoint.RelativeName()
)
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for firewall endpoint association {} to be created'.format(
association_name
)
),
has_result=True,
max_wait=max_wait,
)
Create.detailed_help = DETAILED_HELP

83
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoint_associations/delete.py Normal file
View File

@@ -0,0 +1,83 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Delete endpoint association command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.firewall_endpoint_associations import association_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import association_flags
DETAILED_HELP = {
'DESCRIPTION': """
Unassociate the specified network from a firewall endpoint. Check the
progress of association deletion by using
`gcloud network-security firewall-endpoint-associations list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To unassociate a network from a firewall, run:
$ {command} my-assoc --zone=us-central1-a --project=my-project
OR
$ {command} projects/my-project/locations/us-central1-a/firewallEndpointAssociations/my-association
""",
}
class Delete(base.DeleteCommand):
"""Delete a Firewall Plus endpoint association."""
@classmethod
def Args(cls, parser):
association_flags.AddAssociationResource(cls.ReleaseTrack(), parser)
association_flags.AddMaxWait(parser, '60m') # default to 60 minutes wait.
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
def Run(self, args):
client = association_api.Client(self.ReleaseTrack())
association = args.CONCEPTS.firewall_endpoint_association.Parse()
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.DeleteAssociation(
name=association.RelativeName(),
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have no format by default,
# but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for firewall endpoint association [{}] to be deleted'
.format(association.RelativeName())
),
has_result=False,
max_wait=max_wait,
)
Delete.detailed_help = DETAILED_HELP

59
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoint_associations/describe.py Normal file
View File

@@ -0,0 +1,59 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Describe endpoint association command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.firewall_endpoint_associations import association_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import association_flags
DETAILED_HELP = {
'DESCRIPTION': """
Describe a firewall endpoint association.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To get a description of a firewall endpoint association called
`my-association`, run:
$ {command} my-association --zone=us-central1-a --project=my-project
OR
$ {command} projects/my-project/locations/us-central1-a/firewallEndpointAssociations/my-association
""",
}
class Describe(base.DescribeCommand):
"""Describe a Firewall Plus endpoint association."""
@classmethod
def Args(cls, parser):
association_flags.AddAssociationResource(cls.ReleaseTrack(), parser)
def Run(self, args):
client = association_api.Client(self.ReleaseTrack())
association = args.CONCEPTS.firewall_endpoint_association.Parse()
return client.DescribeAssociation(association.RelativeName())
Describe.detailed_help = DETAILED_HELP

80
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoint_associations/list.py Normal file
View File

@@ -0,0 +1,80 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""List endpoint associations command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.firewall_endpoint_associations import association_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import association_flags
from googlecloudsdk.core import properties
DETAILED_HELP = {
'DESCRIPTION': """
List firewall endpoint associations.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To list firewall endpoint associations, run:
$ {command} --zone=us-central1-a --project=my-project
To list firewall endpoint associations in all zones, run:
$ {command} --project=my-project
The project is automatically read from the core/project property if it is defined.
""",
}
_FORMAT = """\
table(
name.scope("firewallEndpointAssociations"):label=ID,
name.scope("locations").segment(0):label=LOCATION,
network.scope("networks"):label=NETWORK,
firewallEndpoint.scope("firewallEndpoints"):label=ENDPOINT,
state
)
"""
class List(base.ListCommand):
"""List Firewall Plus endpoint associations."""
@classmethod
def Args(cls, parser):
parser.display_info.AddFormat(_FORMAT)
parser.display_info.AddUriFunc(
association_flags.MakeGetUriFunc(cls.ReleaseTrack())
)
association_flags.AddZoneArg(
parser, required=False, help_text='Zone for the list operation'
)
def Run(self, args):
client = association_api.Client(self.ReleaseTrack())
project = args.project or properties.VALUES.core.project.GetOrFail()
zone = args.zone or '-'
parent = 'projects/{}/locations/{}'.format(project, zone)
return client.ListAssociations(parent, args.limit, args.page_size)
List.detailed_help = DETAILED_HELP

159
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoint_associations/update.py Normal file
View File

@@ -0,0 +1,159 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Update endpoint association command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.firewall_endpoint_associations import association_api
from googlecloudsdk.calliope import base
from googlecloudsdk.calliope import exceptions
from googlecloudsdk.command_lib.network_security import association_flags
from googlecloudsdk.command_lib.util.args import labels_util
from googlecloudsdk.core import exceptions as core_exceptions
DETAILED_HELP = {
'DESCRIPTION': """
Update a firewall endpoint association. Check the progress of
association update by using
`gcloud network-security firewall-endpoint-associations describe`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To update labels k1 and k2, run:
$ {command} my-assoc --zone=us-central1-a --project=my-proj --update-labels=k1=v1,k2=v2
To remove labels k3 and k4, run:
$ {command} my-assoc --zone=us-central1-a --project=my-proj --remove-labels=k3,k4
To clear all labels from the firewall endpoint association, run:
$ {command} my-assoc --zone=us-central1-a --project=my-proj --clear-labels
""",
}
class Update(base.UpdateCommand):
"""Update a Firewall Plus endpoint association."""
_valid_arguments = [
'--clear-labels',
'--remove-labels',
'--update-labels',
'--[no-]tls-inspection-policy',
'--[no-]disabled',
]
@classmethod
def Args(cls, parser):
association_flags.AddAssociationResource(cls.ReleaseTrack(), parser)
association_flags.AddMaxWait(parser, '60m') # default to 60 minutes wait.
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
outer_group = parser.add_mutually_exclusive_group()
association_flags.AddDisabledArg(outer_group)
tls_and_labels_group = outer_group.add_group()
labels_util.AddUpdateLabelsFlags(tls_and_labels_group)
tls_group = tls_and_labels_group.add_mutually_exclusive_group()
association_flags.AddTLSInspectionPolicy(cls.ReleaseTrack(), tls_group)
association_flags.AddNoTLSInspectionPolicyArg(tls_group)
def Run(self, args):
"""Updates an association with labels and TLS inspection policy.
Args:
args: argparse.Namespace, the parsed arguments.
Returns:
A long running operation if async is set, None otherwise.
"""
client = association_api.Client(self.ReleaseTrack())
update_fields = {}
association = args.CONCEPTS.firewall_endpoint_association.Parse()
original = client.DescribeAssociation(association.RelativeName())
if original is None:
raise exceptions.InvalidArgumentException(
'firewall-endpoint-association',
'Firewall endpoint association does not exist.',
)
if args.IsSpecified('disabled'):
update_fields['disabled'] = getattr(args, 'disabled', False)
if args.IsSpecified('tls_inspection_policy'):
parsed_policy = args.CONCEPTS.tls_inspection_policy.Parse()
if parsed_policy is None:
raise core_exceptions.Error(
'TLS Inspection Policy resource path is either empty, malformed,'
' or missing necessary flag'
' `--tls-inspection-policy-region`.\nNOTE: TLS Inspection Policy'
' needs to be in the same region as Firewall Plus endpoint'
' resource.'
)
update_fields['tls_inspection_policy'] = parsed_policy.RelativeName()
elif getattr(args, 'no_tls_inspection_policy', False):
# We use an empty value to remove the policy.
update_fields['tls_inspection_policy'] = ''
labels_diff = labels_util.Diff.FromUpdateArgs(args)
if labels_diff.MayHaveUpdates():
update_fields['labels'] = original.labels
labels_update = labels_diff.Apply(
client.messages.FirewallEndpointAssociation.LabelsValue,
original.labels,
)
if labels_update.needs_update:
update_fields['labels'] = labels_update.labels
if not update_fields:
raise exceptions.MinimumArgumentException(self._valid_arguments)
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.UpdateAssociation(
name=association.RelativeName(),
update_fields=update_fields,
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have no format by default,
# but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for firewall endpoint association [{}] to be updated'
.format(association.RelativeName())
),
has_result=True,
max_wait=max_wait,
)
Update.detailed_help = DETAILED_HELP

26
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoints/__init__.py Normal file
View File

@@ -0,0 +1,26 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command sub-group for Firewall Plus endpoints."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
class FirewallEndpoints(base.Group):
"""Create and manage Firewall Plus endpoints."""
category = base.NETWORK_SECURITY_CATEGORY

128
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoints/create.py Normal file
View File

@@ -0,0 +1,128 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Create endpoint command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.firewall_endpoints import activation_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import activation_flags
from googlecloudsdk.command_lib.util.args import labels_util
DETAILED_HELP = {
'DESCRIPTION': """
Create a firewall endpoint. Successful creation of an endpoint results
in an endpoint in READY state. Check the progress of endpoint creation
by using `gcloud network-security firewall-endpoints list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To create a firewall endpoint called `my-endpoint`, in zone
`us-central1-a` and organization ID 1234, run:
$ {command} my-endpoint --zone=us-central1-a --organization=1234
""",
}
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
@base.DefaultUniverseOnly
class Create(base.CreateCommand):
"""Create a Firewall Plus endpoint."""
@classmethod
def Args(cls, parser):
activation_flags.AddEndpointResource(cls.ReleaseTrack(), parser)
activation_flags.AddMaxWait(parser, '60m') # default to 60 minutes wait.
activation_flags.AddDescriptionArg(parser)
activation_flags.AddEnableJumboFramesArg(parser)
activation_flags.AddBillingProjectArg(parser)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
labels_util.AddCreateLabelsFlags(parser)
def Run(self, args):
return self._Run(args)
def _Run(self, args, target_firewall_attachment=None, endpoint_type=None):
client = activation_api.Client(self.ReleaseTrack())
endpoint = args.CONCEPTS.firewall_endpoint.Parse()
labels = labels_util.ParseCreateArgs(
args, client.messages.FirewallEndpoint.LabelsValue
)
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.CreateEndpoint(
name=endpoint.Name(),
parent=endpoint.Parent().RelativeName(),
description=getattr(args, 'description', None),
billing_project_id=args.billing_project,
labels=labels,
target_firewall_attachment=target_firewall_attachment,
enable_jumbo_frames=getattr(args, 'enable_jumbo_frames', None),
endpoint_type=endpoint_type,
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have no format by default,
# but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for firewall endpoint [{}] to be created'.format(
endpoint.RelativeName()
),
has_result=True,
max_wait=max_wait,
)
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
@base.DefaultUniverseOnly
class CreateAlpha(Create):
"""Create a Firewall Plus endpoint."""
@classmethod
def Args(cls, parser):
super(CreateAlpha, cls).Args(parser)
activation_flags.AddTargetFirewallAttachmentArg(parser)
def Run(self, args):
target_firewall_attachment = getattr(
args, 'target_firewall_attachment', None
)
if target_firewall_attachment is not None:
return self._Run(
args, target_firewall_attachment, endpoint_type='THIRD_PARTY'
)
else:
return self._Run(
args, target_firewall_attachment, endpoint_type='TYPE_UNSPECIFIED'
)
Create.detailed_help = DETAILED_HELP

86
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoints/delete.py Normal file
View File

@@ -0,0 +1,86 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Delete endpoint command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.firewall_endpoints import activation_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import activation_flags
DETAILED_HELP = {
'DESCRIPTION': """
Delete a firewall endpoint. Check the progress of endpoint deletion
by using `gcloud network-security firewall-endpoints list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To delete a firewall endpoint called `my-endpoint`, in zone
`us-central1-a` and organization ID 1234, run:
$ {command} my-endpoint --zone=us-central1-a --organization=1234
OR
$ {command} organizations/1234/locations/us-central1-a/firewallEndpoints/my-endpoint
""",
}
class Delete(base.DeleteCommand):
"""Delete a Firewall Plus endpoint."""
@classmethod
def Args(cls, parser):
activation_flags.AddEndpointResource(cls.ReleaseTrack(), parser)
activation_flags.AddMaxWait(parser, '60m') # default to 60 minutes wait.
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
def Run(self, args):
client = activation_api.Client(self.ReleaseTrack())
endpoint = args.CONCEPTS.firewall_endpoint.Parse()
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.DeleteEndpoint(
name=endpoint.RelativeName(),
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have no format by default,
# but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for firewall endpoint [{}] to be deleted'.format(
endpoint.RelativeName()
),
has_result=False,
max_wait=max_wait,
)
Delete.detailed_help = DETAILED_HELP

61
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoints/describe.py Normal file
View File

@@ -0,0 +1,61 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Describe endpoint command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.firewall_endpoints import activation_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import activation_flags
DETAILED_HELP = {
'DESCRIPTION': """
Describe a firewall endpoint.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To get a description of a firewall endpoint called `my-endpoint` in
zone `us-central1-a` and organization ID 1234, run:
$ {command} my-endpoint --zone=us-central1-a --organization=1234
OR
$ {command} organizations/1234/locations/us-central1-a/firewallEndpoints/my-endpoint
""",
}
class Describe(base.DescribeCommand):
"""Describe a Firewall Plus endpoint."""
@classmethod
def Args(cls, parser):
activation_flags.AddEndpointResource(cls.ReleaseTrack(), parser)
def Run(self, args):
client = activation_api.Client(self.ReleaseTrack())
endpoint = args.CONCEPTS.firewall_endpoint.Parse()
return client.DescribeEndpoint(endpoint.RelativeName())
Describe.detailed_help = DETAILED_HELP

75
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoints/list.py Normal file
View File

@@ -0,0 +1,75 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""List endpoints command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.firewall_endpoints import activation_api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security import activation_flags
DETAILED_HELP = {
'DESCRIPTION': """
List firewall endpoints.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To list firewall endpoints in organization ID 1234, run:
$ {command} --organization=1234
""",
}
_FORMAT = """\
table(
name.scope("firewallEndpoints"):label=ID,
name.scope("locations").segment(0):label=LOCATION,
state
)
"""
class List(base.ListCommand):
"""List Firewall Plus endpoints."""
@classmethod
def Args(cls, parser):
parser.display_info.AddFormat(_FORMAT)
parser.display_info.AddUriFunc(
activation_flags.MakeGetUriFunc(cls.ReleaseTrack())
)
activation_flags.AddOrganizationArg(
parser, help_text='The organization for a list operation'
)
# TODO(b/274296391): Change to required=False once it's supported.
activation_flags.AddZoneArg(
parser, required=True, help_text='The zone for a list operation'
)
def Run(self, args):
client = activation_api.Client(self.ReleaseTrack())
zone = args.zone if args.zone else '-'
parent = 'organizations/{}/locations/{}'.format(args.organization, zone)
return client.ListEndpoints(parent, args.limit, args.page_size)
List.detailed_help = DETAILED_HELP

131
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/firewall_endpoints/update.py Normal file
View File

@@ -0,0 +1,131 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Update endpoint command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.firewall_endpoints import activation_api
from googlecloudsdk.calliope import base
from googlecloudsdk.calliope import exceptions
from googlecloudsdk.command_lib.network_security import activation_flags
from googlecloudsdk.command_lib.util.args import labels_util
DETAILED_HELP = {
'DESCRIPTION': """
Update a firewall endpoint. Check the progress of endpoint update
by using `gcloud network-security firewall-endpoints describe`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To update labels k1 and k2, run:
$ {command} my-endpoint --zone=us-central1-a --organization=1234 --update-labels=k1=v1,k2=v2
To remove labels k3 and k4, run:
$ {command} my-endpoint --zone=us-central1-a --organization=1234 --remove-labels=k3,k4
To clear all labels from the firewall endpoint, run:
$ {command} my-endpoint --zone=us-central1-a --organization=1234 --clear-labels
""",
}
class Update(base.UpdateCommand):
"""Update a Firewall Plus endpoint.
This command is used to update labels on the endpoint.
"""
@classmethod
def Args(cls, parser):
activation_flags.AddEndpointResource(cls.ReleaseTrack(), parser)
activation_flags.AddMaxWait(parser, '60m') # default to 60 minutes wait.
activation_flags.AddDescriptionArg(parser)
activation_flags.AddUpdateBillingProjectArg(parser)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
labels_util.AddUpdateLabelsFlags(parser)
def Run(self, args):
client = activation_api.Client(self.ReleaseTrack())
endpoint = args.CONCEPTS.firewall_endpoint.Parse()
original = client.DescribeEndpoint(endpoint.RelativeName())
if original is None:
raise exceptions.InvalidArgumentException(
'firewall-endpoint',
'Firewall endpoint does not exist.')
update_mask = []
labels = None
labels_diff = labels_util.Diff.FromUpdateArgs(args)
if labels_diff.MayHaveUpdates():
update_mask.append('labels')
labels = original.labels
labels_update = labels_diff.Apply(
client.messages.FirewallEndpoint.LabelsValue,
original.labels,
)
if labels_update.needs_update:
labels = labels_update.labels
billing_project_id = args.update_billing_project
if billing_project_id:
update_mask.append('billing_project_id')
if not update_mask:
raise exceptions.MinimumArgumentException([
'--clear-labels',
'--remove-labels',
'--update-labels',
'--update-billing-project',
])
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.UpdateEndpoint(
name=endpoint.RelativeName(),
description=getattr(args, 'description', None),
update_mask=','.join(update_mask),
labels=labels,
billing_project_id=billing_project_id,
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have no format by default,
# but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for firewall endpoint [{}] to be updated'.format(
endpoint.RelativeName()
),
has_result=True,
max_wait=max_wait,
)
Update.detailed_help = DETAILED_HELP

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/__init__.py Normal file
View File

@@ -0,0 +1,29 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Network Security Gateway Security Policies."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class GatewaySecurityPolicies(base.Group):
"""Manage Network Security Gateway Security Policies."""
category = base.NETWORK_SECURITY_CATEGORY

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/delete.yaml Normal file
View File

@@ -0,0 +1,29 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Delete Gateway Security Policy.
description: |
Delete the specified Gateway Security Policy.
examples: |
To delete a Gateway Security Policy called 'my-gateway-security-policy', run:
$ {command} my-gateway-security-policy --location=global
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:gatewaySecurityPolicy
help_text: |
Name of the Gateway Security Policy you want to delete.
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.gatewaySecurityPolicies

25
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/export.yaml Normal file
View File

@@ -0,0 +1,25 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Export Gateway Security Policy.
description: |
Export a Gateway Security Policy.
examples: |
To export a Gateway Security Policy, run:
$ {command} my-gateway-security-policy --destination=my-gateway-security-policy-list.yaml --location=global
request:
collection: networksecurity.projects.locations.gatewaySecurityPolicies
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:gatewaySecurityPolicy
help_text: |
Name of the Gateway Security Policy to export.

43
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/import.yaml Normal file
View File

@@ -0,0 +1,43 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Import Gateway Security Policy.
description: |
Import a Gateway Security Policy.
examples: |
To import a Gateway Security Policy from a YAML file, run:
$ {command} my-gateway-security-policy --source=my-gateway-security-policy-list.yaml --location=global
request:
collection: networksecurity.projects.locations.gatewaySecurityPolicies
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.network_security.hooks:SetUpdateMask
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:gatewaySecurityPolicy
help_text: |
Name of the Gateway Security Policy to import.
async:
collection: networksecurity.projects.locations.operations
import:
abort_if_equivalent: true
create_if_not_exists: true
create_request:
collection: networksecurity.projects.locations.gatewaySecurityPolicies
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
method: create

35
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/list.yaml Normal file
View File

@@ -0,0 +1,35 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
List Gateway Security Policies.
description: |
List all Gateway Security Policies in the specified location of the current project.
examples: |
To list Gateway Security Policies in the current project, run:
$ {command} --location=global
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.gatewaySecurityPolicies
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:location
help_text: |
The project of the Gateway Security Policies to display.
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME
)

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/rules/__init__.py Normal file
View File

@@ -0,0 +1,29 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Network Security Gateway Security Policy Rules."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class GatewaySecurityPolicyRules(base.Group):
"""Manage Network Security Gateway Security Policy Rules."""
category = base.NETWORK_SECURITY_CATEGORY

30
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/rules/delete.yaml Normal file
View File

@@ -0,0 +1,30 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Delete Gateway Security Policy Rule.
description: |
Delete the specified Gateway Security Policy Rule.
examples: |
To delete a Gateway Security Policy Rule called 'my-rule', run:
$ {command} my-rule --location={region} --gateway-security-policy={policy-name}
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:gatewaySecurityPolicyRule
help_text: |
Name of the Gateway Security Policy Rule you want to delete.
is_positional: true
async:
collection: networksecurity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.gatewaySecurityPolicies.rules

26
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/rules/export.yaml Normal file
View File

@@ -0,0 +1,26 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Export Gateway Security Policy Rule.
description: |
Export a Gateway Security Policy Rule.
examples: |
To export a Gateway Security Policy Rule, run:
$ {command} my-rule --destination=my-rule.yaml --location={region} --gateway-security-policy={policy-name}
request:
collection: networksecurity.projects.locations.gatewaySecurityPolicies.rules
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:gatewaySecurityPolicyRule
help_text: |
Name of the Gateway Security Policy Rule to export.
is_positional: true

44
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/rules/import.yaml Normal file
View File

@@ -0,0 +1,44 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
Import Gateway Security Policy Rule.
description: |
Import a Gateway Security Policy Rule.
examples: |
To import a Gateway Security Policy Rule from a YAML file, run:
$ {command} my-rule --source=my-rule.yaml --location={region} --gateway-security-policy={policy-name}
request:
collection: networksecurity.projects.locations.gatewaySecurityPolicies.rules
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.network_security.hooks:SetUpdateMask
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:gatewaySecurityPolicyRule
help_text: |
Name of the Gateway Security Policy Rule to import.
is_positional: true
async:
collection: networksecurity.projects.locations.operations
import:
abort_if_equivalent: true
create_if_not_exists: true
create_request:
collection: networksecurity.projects.locations.gatewaySecurityPolicies.rules
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
method: create

36
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/gateway_security_policies/rules/list.yaml Normal file
View File

@@ -0,0 +1,36 @@
release_tracks: [GA, BETA, ALPHA]
help_text:
brief: |
List Gateway Security Policy Rules.
description: |
List all Gateway Security Policy Rules in the specified location of the current project.
examples: |
To list Gateway Security Policy Rules in the current project, run:
$ {command} --location={region} --gateway-security-policy={policy-name}
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta1
GA:
api_version: v1
collection: networksecurity.projects.locations.gatewaySecurityPolicies.rules
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_security.resources:gatewaySecurityPolicy
help_text: |
The project of the Gateway Security Policy Rules to display.
is_positional: false
response:
id_field: name
output:
format: |
table(
name.basename():label=NAME
)

37
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployment_groups/__init__.py Normal file
View File

@@ -0,0 +1,37 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command sub-group for Intercept Deployment Groups."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class InterceptDeploymentGroups(base.Group):
"""Manage Intercept Deployment Group resources.
This class provides commands for managing Intercept Deployment Groups.
Attributes:
category (str): The category under which this command group falls.
"""
category = base.NETWORK_SECURITY_CATEGORY

122
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployment_groups/create.py Normal file
View File

@@ -0,0 +1,122 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Create deployment group command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.intercept_deployment_groups import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import deployment_group_flags
from googlecloudsdk.command_lib.util.args import labels_util
DETAILED_HELP = {
'DESCRIPTION': """
Create an intercept deployment group. Successful creation of a deployment group results
in a deployment group in ACTIVE state. Check the progress of deployment group creation
by using `gcloud network-security intercept-deployment-groups list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To create a intercept deployment group called `my-deployment-group`, in project ID `my-project`, run:
$ {command} my-deployment-group --project=my-project --location=global --network=my-network
OR
$ {command} my-deployment-group --project=my-project --location=global
--network=projects/my-project/global/networks/my-network
OR
$ {command} projects/my-project/locations/global/interceptDeploymentGroups/my-deployment-group
--network=projects/my-project/global/networks/my-network
OR
$ {command} projects/my-project/locations/global/interceptDeploymentGroups/my-deployment-group
--network=projects/my-project/global/networks/my-network --description='new description'
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Create(base.CreateCommand):
"""Create an Intercept Deployment Group."""
@classmethod
def Args(cls, parser):
deployment_group_flags.AddDeploymentGroupResource(
cls.ReleaseTrack(), parser
)
deployment_group_flags.AddNetworkResource(parser)
deployment_group_flags.AddMaxWait(
parser,
'20m', # default to 20 minutes wait.
)
deployment_group_flags.AddDescriptionArg(parser)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
labels_util.AddCreateLabelsFlags(parser)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
deployment_group = args.CONCEPTS.intercept_deployment_group.Parse()
network = args.CONCEPTS.network.Parse()
labels = labels_util.ParseCreateArgs(
args, client.messages.InterceptDeploymentGroup.LabelsValue
)
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
# deployment_group.RelativeName() is the name
# deployment_group.Name() is the id
operation = client.CreateDeploymentGroup(
deployment_group_id=deployment_group.Name(),
parent=deployment_group.Parent().RelativeName(),
network=network.RelativeName(),
labels=labels,
description=getattr(args, 'description', None),
)
# Return the in-progress operation if async is requested.
if is_async:
# Create operations have their returned resource in YAML format by
# default, but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for intercept deployment group [{}] to be created'.format(
deployment_group.RelativeName()
)
),
has_result=True,
max_wait=max_wait,
)
Create.detailed_help = DETAILED_HELP

97
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployment_groups/delete.py Normal file
View File

@@ -0,0 +1,97 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Delete deployment group command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.intercept_deployment_groups import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import deployment_group_flags
DETAILED_HELP = {
'DESCRIPTION': """
Delete an intercept deployment group. Check the progress of deployment group deletion
by using `gcloud network-security intercept-deployment-groups list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To delete an intercept deployment group called `my-deployment-group`, in project ID `my-project`, run:
$ {command} my-deployment-group --project=my-project --location=global
OR
$ {command} projects/my-project/locations/global/interceptDeploymentGroups/my-deployment-group
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Delete(base.DeleteCommand):
"""Delete an Intercept Deployment Group."""
@classmethod
def Args(cls, parser):
deployment_group_flags.AddDeploymentGroupResource(
cls.ReleaseTrack(), parser
)
deployment_group_flags.AddMaxWait(
parser,
'20m', # default to 20 minutes wait.
)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
deployment_group = args.CONCEPTS.intercept_deployment_group.Parse()
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.DeleteDeploymentGroup(
name=deployment_group.RelativeName(),
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have their returned resource in YAML format by
# default, but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for intercept deployment group [{}] to be deleted'.format(
deployment_group.RelativeName()
)
),
has_result=False,
max_wait=max_wait,
)
Delete.detailed_help = DETAILED_HELP

67
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployment_groups/describe.py Normal file
View File

@@ -0,0 +1,67 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Describe deployment group command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.intercept_deployment_groups import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import deployment_group_flags
DETAILED_HELP = {
'DESCRIPTION': """
Describe an intercept deployment group.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To get a description of an intercept deployment group called `my-deployment-group` in
project ID `my-project`, run:
$ {command} my-deployment-group --project=my-project --location=global
OR
$ {command} projects/my-project/locations/global/interceptDeploymentGroups/my-deployment-group
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Describe(base.DescribeCommand):
"""Describe an Intercept Deployment Group."""
@classmethod
def Args(cls, parser):
deployment_group_flags.AddDeploymentGroupResource(
cls.ReleaseTrack(), parser
)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
deployment_group = args.CONCEPTS.intercept_deployment_group.Parse()
return client.DescribeDeploymentGroup(deployment_group.RelativeName())
Describe.detailed_help = DETAILED_HELP

79
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployment_groups/list.py Normal file
View File

@@ -0,0 +1,79 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""List deployment groups command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.intercept_deployment_groups import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import deployment_group_flags
DETAILED_HELP = {
'DESCRIPTION': """
List intercept deployment groups.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To list intercept deployment groups in project ID `my-project`, run:
$ {command} --location=global --project=my-project
OR
$ {command} --location=global
""",
}
_FORMAT = """\
table(
name.scope("interceptDeploymentGroups"):label=ID,
name.scope("locations").segment(0):label=LOCATION,
state
)
"""
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class List(base.ListCommand):
"""List Intercept Deployment Groups."""
@classmethod
def Args(cls, parser):
parser.display_info.AddFormat(_FORMAT)
parser.display_info.AddUriFunc(
deployment_group_flags.MakeGetUriFunc(cls.ReleaseTrack())
)
deployment_group_flags.AddLocationResourceArg(
parser, help_text='The location for a list operation'
)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
parent_ref = args.CONCEPTS.location.Parse()
return client.ListDeploymentGroups(parent_ref.RelativeName(),
page_size=args.page_size)
List.detailed_help = DETAILED_HELP

166
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployment_groups/update.py Normal file
View File

@@ -0,0 +1,166 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Update deployment group command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.intercept_deployment_groups import api
from googlecloudsdk.calliope import base
from googlecloudsdk.calliope import exceptions
from googlecloudsdk.command_lib.network_security.intercept import deployment_group_flags
from googlecloudsdk.command_lib.util.args import labels_util
DETAILED_HELP = {
'DESCRIPTION': """
Update an intercept deployment group. Check the progress of deployment group update
by using `gcloud network-security intercept-deployment-groups list`.
For examples refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To update labels k1 and k2, run:
$ {command} my-deployment-group --project=my-project --location=global --update-labels=k1=v1,k2=v2
To remove labels k3 and k4, run:
$ {command} my-deployment-group --project=my-project --location=global --remove-labels=k3,k4
To clear all labels from the intercept deployment group, run:
$ {command} my-deployment-group --project=my-project --location=global --clear-labels
To update description to 'new description', run:
$ {command} my-deployment-group --project=my-project --location=global --description='new description'
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Update(base.UpdateCommand):
"""Update an Intercept Deployment Group."""
_valid_arguments = [
'--clear-labels',
'--remove-labels',
'--update-labels',
]
@classmethod
def Args(cls, parser):
deployment_group_flags.AddDeploymentGroupResource(
cls.ReleaseTrack(), parser
)
deployment_group_flags.AddMaxWait(
parser,
'20m', # default to 20 minutes wait.
)
deployment_group_flags.AddDescriptionArg(parser)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
labels_util.AddUpdateLabelsFlags(parser)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
deployment_group = args.CONCEPTS.intercept_deployment_group.Parse()
original = client.DescribeDeploymentGroup(deployment_group.RelativeName())
self._validate_original_deployment_group(original)
update_fields = {}
labels = self._process_label_updates(client, args, original)
if labels:
update_fields['labels'] = labels
if not update_fields:
raise exceptions.MinimumArgumentException(self._valid_arguments)
operation = client.UpdateDeploymentGroup(
name=deployment_group.RelativeName(),
description=getattr(args, 'description', None),
update_fields=update_fields,
)
# Returns the in-progress operation if async is requested.
if args.async_:
# Update operations have their returned resource in YAML format by
# default, but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return self._wait_for_operation(
client,
operation,
deployment_group,
datetime.timedelta(seconds=args.max_wait),
)
def _validate_original_deployment_group(self, original):
if original is None:
raise exceptions.InvalidArgumentException(
'intercept-deployment-group',
'Intercept deployment group does not exist.',
)
def _process_label_updates(self, client, args, original_dg):
"""Processes the label update request.
Args:
client: the client to use to make the API call.
args: the args from the command line.
original_dg: the original intercept deployment group.
Returns:
the labels we would like to update if there is any update. Otherwise,
it returns None.
"""
labels_diff = labels_util.Diff.FromUpdateArgs(args)
if not labels_diff.MayHaveUpdates():
return None
labels = original_dg.labels
labels_update = labels_diff.Apply(
client.messages.InterceptDeploymentGroup.LabelsValue,
labels,
)
if labels_update.needs_update:
labels = labels_update.labels
return labels
def _wait_for_operation(self, client, operation, deployment_group, max_wait):
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for intercept deployment group [{}] to be updated'.format(
deployment_group.RelativeName()
)
),
has_result=False,
max_wait=max_wait,
)
Update.detailed_help = DETAILED_HELP

42
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployments/__init__.py Normal file
View File

@@ -0,0 +1,42 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command sub-group for Intercept Deployments."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
DETAILED_HELP = {
'brief': 'Manage Intercept Deployment resources.',
'DESCRIPTION': """
The gcloud intercept-deployments command group lets you manage zonal
deployments for your Intercept Deployment Group.
"""
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class InterceptDeployments(base.Group):
"""Manage Intercept Deployment resources."""
category = base.NETWORK_SECURITY_CATEGORY
detailed_help = DETAILED_HELP

130
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployments/create.py Normal file
View File

@@ -0,0 +1,130 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Create intercept deployment command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.intercept_deployments import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import deployment_flags
from googlecloudsdk.command_lib.util.args import labels_util
DETAILED_HELP = {
'DESCRIPTION': """
Create an intercept deployment. Successful creation of a deployment results
in a deployment in ACTIVE state. Check the progress of deployment creation
by using `gcloud network-security intercept-deployments list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To create an intercept deployment called `my-deployment`, in project ID `my-project` and zone `us-central1-a`, run:
$ {command} my-deployment --project=my-project --location=us-central1-a --deployment-group-location=global
--forwarding-rule=my-forwarding-rule --forwarding-rule-location=us-central1 --intercept-deployment-group=my-deployment-group
OR
$ {command} my-deployment --project=my-project --location=us-central1-a
--forwarding-rule=projects/my-project/regions/us-central1/forwardingRules/my-forwarding-rule
--intercept-deployment-group=projects/my-project/locations/global/interceptDeploymentGroups/my-deployment-group
OR
$ {command} projects/my-project/locations/us-central1/interceptDeployments/my-deployment
--forwarding-rule=projects/my-project/regions/us-central1/forwardingRules/my-forwarding-rule
--intercept-deployment-group=projects/my-project/locations/global/interceptDeploymentGroups/my-deployment-group
OR
$ {command} projects/my-project/locations/us-central1/interceptDeployments/my-deployment
--forwarding-rule=projects/my-project/regions/us-central1/forwardingRules/my-forwarding-rule
--intercept-deployment-group=projects/my-project/locations/global/interceptDeploymentGroups/my-deployment-group
--description="my-description"
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Create(base.CreateCommand):
"""Create an Intercept Deployment."""
@classmethod
def Args(cls, parser):
deployment_flags.AddDeploymentResource(cls.ReleaseTrack(), parser)
deployment_flags.AddForwardingRuleResource(parser)
deployment_flags.AddInterceptDeploymentGroupResource(
cls.ReleaseTrack(), parser
)
deployment_flags.AddMaxWait(
parser,
'20m', # default to 20 minutes wait.
)
deployment_flags.AddDescriptionArg(parser)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
labels_util.AddCreateLabelsFlags(parser)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
deployment = args.CONCEPTS.intercept_deployment.Parse()
forwarding_rule = args.CONCEPTS.forwarding_rule.Parse()
intercept_deployment_group = (
args.CONCEPTS.intercept_deployment_group.Parse()
)
labels = labels_util.ParseCreateArgs(
args, client.messages.InterceptDeployment.LabelsValue
)
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.CreateDeployment(
deployment_id=deployment.Name(),
parent=deployment.Parent().RelativeName(),
forwarding_rule=forwarding_rule.RelativeName(),
intercept_deployment_group=intercept_deployment_group.RelativeName(),
description=getattr(args, 'description', None),
labels=labels,
)
# Return the in-progress operation if async is requested.
if is_async:
# Create operations have their returned resource in YAML format by
# default, but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for intercept deployment [{}] to be created'.format(
deployment.RelativeName()
)
),
has_result=True,
max_wait=max_wait,
)
Create.detailed_help = DETAILED_HELP

87
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployments/delete.py Normal file
View File

@@ -0,0 +1,87 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Delete intercept deployment command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.intercept_deployments import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import deployment_flags
DETAILED_HELP = {
'DESCRIPTION': """
Delete an intercept deployment. Check the progress of deployment deletion
by using `gcloud network-security intercept-deployments list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To delete an intercept deployment called `my-deployment` in location `us-central1`, run:
$ {command} my-deployment --location=us-central1-a --project=my-project
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Delete(base.DeleteCommand):
"""Delete an Intercept Deployment."""
@classmethod
def Args(cls, parser):
deployment_flags.AddDeploymentResource(cls.ReleaseTrack(), parser)
deployment_flags.AddMaxWait(
parser, '20m' # default to 20 minutes wait.
)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
deployment = args.CONCEPTS.intercept_deployment.Parse()
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.DeleteDeployment(name=deployment.RelativeName())
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have their returned resource in YAML format by
# default, but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for intercept deployment [{}] to be deleted'.format(
deployment.RelativeName()
),
has_result=False,
max_wait=max_wait,
)
Delete.detailed_help = DETAILED_HELP

64
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployments/describe.py Normal file
View File

@@ -0,0 +1,64 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Describe deployment command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.intercept_deployments import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import deployment_flags
DETAILED_HELP = {
'DESCRIPTION': """
Describe an intercept deployment.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To get a description of an intercept deployment called `my-deployment` in
zone `us-central1-a`, run:
$ {command} my-deployment --location=us-central1-a --project=my-project
OR
$ {command} projects/my-project/locations/us-central1-a/interceptDeployments/my-deployment
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Describe(base.DescribeCommand):
"""Describe an Intercept Deployment."""
@classmethod
def Args(cls, parser):
deployment_flags.AddDeploymentResource(cls.ReleaseTrack(), parser)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
deployment = args.CONCEPTS.intercept_deployment.Parse()
return client.DescribeDeployment(name=deployment.RelativeName())
Describe.detailed_help = DETAILED_HELP

78
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployments/list.py Normal file
View File

@@ -0,0 +1,78 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""List deployments command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.intercept_deployments import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import deployment_flags
DETAILED_HELP = {
'DESCRIPTION': """
List intercept deployments.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To list intercept deployments in project `my-project` and zone `us-central1-a`, run:
$ {command} --project=my-project --location=us-central1-a
To list intercept deployments from all zones, run:
$ {command} --project=my-project --location=-
""",
}
_FORMAT = """\
table(
name.scope("interceptDeployments"):label=ID,
name.scope("locations").segment(0):label=LOCATION,
state
)
"""
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class List(base.ListCommand):
"""List Intercept Deployments."""
@classmethod
def Args(cls, parser):
parser.display_info.AddFormat(_FORMAT)
parser.display_info.AddUriFunc(
deployment_flags.MakeGetUriFunc(cls.ReleaseTrack())
)
deployment_flags.AddLocationResourceArg(
parser, 'Zone of the deployment', '-'
)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
parent_ref = args.CONCEPTS.location.Parse()
return client.ListDeployments(parent_ref.RelativeName(),
page_size=args.page_size)
List.detailed_help = DETAILED_HELP

164
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_deployments/update.py Normal file
View File

@@ -0,0 +1,164 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Update deployment command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from apitools.base.py import exceptions as apitools_exceptions
from googlecloudsdk.api_lib.network_security.intercept_deployments import api
from googlecloudsdk.calliope import base
from googlecloudsdk.calliope import exceptions
from googlecloudsdk.command_lib.network_security.intercept import deployment_flags
from googlecloudsdk.command_lib.util.args import labels_util
DETAILED_HELP = {
'DESCRIPTION': """
Update an intercept deployment. Check the progress of deployment update
by using `gcloud network-security intercept-deployments list`.
For examples refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To update labels k1 and k2, run:
$ {command} my-deployment --project=my-project --location=us-central1-a --update-labels=k1=v1,k2=v2
To remove labels k3 and k4, run:
$ {command} my-deployment --project=my-project --location=us-central1-a --remove-labels=k3,k4
To clear all labels from the intercept deployment, run:
$ {command} my-deploymen --project=my-project --location=us-central1-a --clear-labels
To update description to 'new description', run:
$ {command} my-deploymen --project=my-project --location=us-central1-a --description="new description"
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Update(base.UpdateCommand):
"""Update an Intercept Deployment."""
_valid_arguments = [
'--clear-labels',
'--remove-labels',
'--update-labels',
]
@classmethod
def Args(cls, parser):
deployment_flags.AddDeploymentResource(cls.ReleaseTrack(), parser)
deployment_flags.AddMaxWait(
parser,
'20m', # default to 20 minutes wait.
)
deployment_flags.AddDescriptionArg(parser)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
labels_util.AddUpdateLabelsFlags(parser)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
deployment = args.CONCEPTS.intercept_deployment.Parse()
try:
original = client.DescribeDeployment(deployment.RelativeName())
except apitools_exceptions.HttpNotFoundError:
raise exceptions.InvalidArgumentException(
'intercept-deployment',
'Intercept deployment does not exist.',
)
update_fields = {}
labels = self._process_label_updates(client, args, original)
if labels:
update_fields['labels'] = labels
if not update_fields:
raise exceptions.MinimumArgumentException(self._valid_arguments)
operation = client.UpdateDeployment(
name=deployment.RelativeName(),
description=getattr(args, 'description', None),
update_fields=update_fields,
)
# Returns the in-progress operation if async is requested.
if args.async_:
# Update operations have their returned resource in YAML format by
# default, but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return self._wait_for_operation(
client,
operation,
deployment,
datetime.timedelta(seconds=args.max_wait),
)
def _process_label_updates(self, client, args, original_deployment):
"""Processes the label update request.
Args:
client: the client to use to make the API call.
args: the args from the command line.
original_deployment: the original intercept deployment.
Returns:
the labels we would like to update if there is any update. Otherwise,
it returns None.
"""
labels_diff = labels_util.Diff.FromUpdateArgs(args)
if not labels_diff.MayHaveUpdates():
return None
labels = original_deployment.labels
labels_update = labels_diff.Apply(
client.messages.InterceptDeployment.LabelsValue,
labels,
)
if labels_update.needs_update:
labels = labels_update.labels
return labels
def _wait_for_operation(self, client, operation, deployment, max_wait):
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for intercept deployment [{}] to be updated'.format(
deployment.RelativeName()
)
),
has_result=False,
max_wait=max_wait,
)
Update.detailed_help = DETAILED_HELP

42
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_endpoint_group_associations/__init__.py Normal file
View File

@@ -0,0 +1,42 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command sub-group for Intercept Endpoint Group Associations."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
DETAILED_HELP = {
'brief': 'Manage Intercept Endpoint Group Association resources.',
'DESCRIPTION': """
The gcloud intercept-endpoint-group-associations command group lets you
associate and deassociate networks to your Intercept Endpoint Group.
"""
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class InterceptEndpointGroupAssociations(base.Group):
"""Manage Intercept Endpoint Group Association resources."""
category = base.NETWORK_SECURITY_CATEGORY
detailed_help = DETAILED_HELP

116
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_endpoint_group_associations/create.py Normal file
View File

@@ -0,0 +1,116 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Create endpoint group association command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.intercept_endpoint_group_associations import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import endpoint_group_association_flags
from googlecloudsdk.command_lib.util.args import labels_util
DETAILED_HELP = {
'DESCRIPTION': """
Create an intercept endpoint group association. Successful creation of an association results
in an association in ACTIVE state. Check the progress of association creation
by using `gcloud network-security intercept-endpoint-group-associations list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To create an intercept endpoint group association called `my-association`, in project ID `my-project`, run:
$ {command} my-association --project=my-project --location=global --intercept-endpoint-group=my-endpoint-group --network=my-network
OR
$ {command} my-association --project=my-project --location=global --intercept-endpoint-group=my-endpoint-group --network=projects/my-project/global/networks/my-network
OR
$ {command} projects/my-project/locations/global/interceptEndpointGroupAssociations/my-association --intercept-endpoint-group=projects/my-project/locations/global/interceptEndpointGroups/my-endpoint-group --network=projects/my-project/global/networks/my-network
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Create(base.CreateCommand):
"""Create an Intercept Endpoint Group Association."""
@classmethod
def Args(cls, parser):
endpoint_group_association_flags.AddEndpointGroupAssociationResource(
cls.ReleaseTrack(), parser
)
endpoint_group_association_flags.AddInterceptEndpointGroupResource(
cls.ReleaseTrack(), parser
)
endpoint_group_association_flags.AddNetworkResource(parser)
endpoint_group_association_flags.AddMaxWait(
parser,
'20m', # default to 20 minutes wait.
)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
labels_util.AddCreateLabelsFlags(parser)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
association = args.CONCEPTS.intercept_endpoint_group_association.Parse()
intercept_endpoint_group = args.CONCEPTS.intercept_endpoint_group.Parse()
network = args.CONCEPTS.network.Parse()
labels = labels_util.ParseCreateArgs(
args, client.messages.InterceptEndpointGroupAssociation.LabelsValue
)
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.CreateEndpointGroupAssociation(
association_id=association.Name(),
parent=association.Parent().RelativeName(),
intercept_endpoint_group=intercept_endpoint_group.RelativeName(),
network=network.RelativeName(),
labels=labels,
)
# Return the in-progress operation if async is requested.
if is_async:
# Create operations have their returned resource in YAML format by
# default, but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for intercept endpoint group association [{}] to be'
' created'.format(association.RelativeName())
),
has_result=True,
max_wait=max_wait,
)
Create.detailed_help = DETAILED_HELP

95
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_endpoint_group_associations/delete.py Normal file
View File

@@ -0,0 +1,95 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Delete endpoint group association command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
import datetime
from googlecloudsdk.api_lib.network_security.intercept_endpoint_group_associations import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import endpoint_group_association_flags
DETAILED_HELP = {
'DESCRIPTION': """
Delete an intercept endpoint group association. Check the progress of deletion
by using `gcloud network-security intercept-endpoint-group-associations list`.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To delete an intercept endpoint group association called `my-association`, in project ID `my-project`, run:
$ {command} my-association --project=my-project --location=global
OR
$ {command} projects/my-project/locations/global/interceptEndpointGroupAssociations/my-association
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Delete(base.DeleteCommand):
"""Delete an Intercept Endpoint Group Association."""
@classmethod
def Args(cls, parser):
endpoint_group_association_flags.AddEndpointGroupAssociationResource(
cls.ReleaseTrack(), parser
)
endpoint_group_association_flags.AddMaxWait(
parser, '20m' # default to 20 minutes wait.
)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
association = args.CONCEPTS.intercept_endpoint_group_association.Parse()
is_async = args.async_
max_wait = datetime.timedelta(seconds=args.max_wait)
operation = client.DeleteEndpointGroupAssociation(
name=association.RelativeName(),
)
# Return the in-progress operation if async is requested.
if is_async:
# Delete operations have their returned resource in YAML format by
# default, but here we want the operation metadata to be printed.
if not args.IsSpecified('format'):
args.format = 'default'
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message=(
'waiting for intercept endpoint group association [{}] to be'
' deleted'.format(association.RelativeName())
),
has_result=False,
max_wait=max_wait,
)
Delete.detailed_help = DETAILED_HELP

66
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_endpoint_group_associations/describe.py Normal file
View File

@@ -0,0 +1,66 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Describe endpoint group association command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.intercept_endpoint_group_associations import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import endpoint_group_association_flags
DETAILED_HELP = {
'DESCRIPTION': """
Describe an intercept endpoint group association.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To get a description of an intercept endpoint group association called `my-association` in
project `my-project` and location `global`, run:
$ {command} my-association --project=my-project --location=global
OR
$ {command} projects/my-project/locations/global/interceptEndpointGroupAssociations/my-association
""",
}
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Describe(base.DescribeCommand):
"""Describe an Intercept Endpoint Group Association."""
@classmethod
def Args(cls, parser):
endpoint_group_association_flags.AddEndpointGroupAssociationResource(
cls.ReleaseTrack(), parser
)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
association = args.CONCEPTS.intercept_endpoint_group_association.Parse()
return client.DescribeEndpointGroupAssociation(association.RelativeName())
Describe.detailed_help = DETAILED_HELP

83
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_security/intercept_endpoint_group_associations/list.py Normal file
View File

@@ -0,0 +1,83 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""List endpoint group associations command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_security.intercept_endpoint_group_associations import api
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_security.intercept import endpoint_group_association_flags
DETAILED_HELP = {
'DESCRIPTION': """
List intercept endpoint group associations.
For more examples, refer to the EXAMPLES section below.
""",
'EXAMPLES': """
To list intercept endpoint group associations in project `my-project` and location `global`, run:
$ {command} --project=my-project --location=global
OR
$ {command} --location=global
OR
$ {command} --location=projects/my-project/locations/global
""",
}
_FORMAT = """\
table(
name.scope("interceptEndpointGroupAssociations"):label=ID,
name.scope("locations").segment(0):label=LOCATION,
state
)
"""
@base.DefaultUniverseOnly
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class List(base.ListCommand):
"""List Intercept Endpoint Group Associations."""
@classmethod
def Args(cls, parser):
parser.display_info.AddFormat(_FORMAT)
parser.display_info.AddUriFunc(
endpoint_group_association_flags.MakeGetUriFunc(cls.ReleaseTrack())
)
endpoint_group_association_flags.AddLocationResourceArg(
parser, help_text='The location for a list operation'
)
def Run(self, args):
client = api.Client(self.ReleaseTrack())
parent_ref = args.CONCEPTS.location.Parse()
return client.ListEndpointGroupAssociations(
parent_ref.RelativeName(), page_size=args.page_size
)
List.detailed_help = DETAILED_HELP

Some files were not shown because too many files have changed in this diff Show More