Skip to content

Commit 342a28c

Browse files
gcf-owl-bot[bot]gcf-owl-bot[bot]
authored
feat: [alloydb] Added new SSL modes ALLOW_UNENCRYPTED_AND_ENCRYPTED, ENCRYPTED_ONLY (#4336)
- [ ] Regenerate this pull request now. feat: Added support for continuous backups feat: Added support for cross-region replication (secondary clusters/instances and promotion) feat: Added users API feat: Added fault injection API fix: Deprecated SSL modes SSL_MODE_ALLOW, SSL_MODE_REQUIRE, SSL_MODE_VERIFY_CA PiperOrigin-RevId: 539728978 Source-Link: https://togithub.com/googleapis/googleapis/commit/cd897429336a508c2410ef810ed6380ec5a4c44a Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/87e91452dce13c3e176a2093065b3e38e2b0dc90 Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWFsbG95ZGIvLk93bEJvdC55YW1sIiwiaCI6Ijg3ZTkxNDUyZGNlMTNjM2UxNzZhMjA5MzA2NWIzZTM4ZTJiMGRjOTAifQ== BEGIN_NESTED_COMMIT feat: [alloydb] Added ClusterView supporting more granular view of continuous backups feat: Added new SSL modes ALLOW_UNENCRYPTED_AND_ENCRYPTED, ENCRYPTED_ONLY feat: Added users API feat: Added fault injection API feat: Added instance update policy feat: Added cluster network config fix: Deprecated SSL modes SSL_MODE_ALLOW, SSL_MODE_REQUIRE, SSL_MODE_VERIFY_CA PiperOrigin-RevId: 539728897 Source-Link: https://togithub.com/googleapis/googleapis/commit/3fcf0b3edb1b9444f330242c386277ae67de7121 Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/8001a897d463c95bbcf6e795dcc93c58180c0622 Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWFsbG95ZGIvLk93bEJvdC55YW1sIiwiaCI6IjgwMDFhODk3ZDQ2M2M5NWJiY2Y2ZTc5NWRjYzkzYzU4MTgwYzA2MjIifQ== END_NESTED_COMMIT BEGIN_NESTED_COMMIT feat: [alloydb] Added ClusterView supporting more granular view of continuous backups feat: Added new SSL modes ALLOW_UNENCRYPTED_AND_ENCRYPTED, ENCRYPTED_ONLY feat: Added users API feat: Added fault injection API feat: Added instance update policy feat: Added cluster network config fix: Deprecated SSL modes SSL_MODE_ALLOW, SSL_MODE_REQUIRE, SSL_MODE_VERIFY_CA PiperOrigin-RevId: 539726243 Source-Link: https://togithub.com/googleapis/googleapis/commit/277df0ec41d2f78e21998b3241223e148f8b3eb1 Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/e7ec1f4788e628c686dfe4b5096bd4894c0cc54c Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWFsbG95ZGIvLk93bEJvdC55YW1sIiwiaCI6ImU3ZWMxZjQ3ODhlNjI4YzY4NmRmZTRiNTA5NmJkNDg5NGMwY2M1NGMifQ== END_NESTED_COMMIT
1 parent e1211f0 commit 342a28c

58 files changed

Lines changed: 73261 additions & 44490 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

packages/google-cloud-alloydb/README.md

Lines changed: 94 additions & 74 deletions
Large diffs are not rendered by default.

packages/google-cloud-alloydb/protos/google/cloud/alloydb/v1/resources.proto

Lines changed: 150 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2022 Google LLC
1+
// Copyright 2023 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.
@@ -40,18 +40,6 @@ option (google.api.resource_definition) = {
4040
pattern: "projects/{project}/global/networks/{network}"
4141
};
4242

43-
// The supported database engine versions.
44-
enum DatabaseVersion {
45-
// This is an unknown database version.
46-
DATABASE_VERSION_UNSPECIFIED = 0;
47-
48-
// DEPRECATED - The database version is Postgres 13.
49-
POSTGRES_13 = 1 [deprecated = true];
50-
51-
// The database version is Postgres 14.
52-
POSTGRES_14 = 2;
53-
}
54-
5543
// View on Instance. Pass this enum to rpcs that returns an Instance message to
5644
// control which subsets of fields to get.
5745
enum InstanceView {
@@ -68,6 +56,35 @@ enum InstanceView {
6856
INSTANCE_VIEW_FULL = 2;
6957
}
7058

59+
// View on Cluster. Pass this enum to rpcs that returns a cluster message to
60+
// control which subsets of fields to get.
61+
enum ClusterView {
62+
// CLUSTER_VIEW_UNSPECIFIED Not specified, equivalent to BASIC.
63+
CLUSTER_VIEW_UNSPECIFIED = 0;
64+
65+
// BASIC server responses include all the relevant cluster details, excluding
66+
// Cluster.ContinuousBackupInfo.EarliestRestorableTime and other view-specific
67+
// fields. The default value.
68+
CLUSTER_VIEW_BASIC = 1;
69+
70+
// CONTINUOUS_BACKUP response returns all the fields from BASIC plus
71+
// the earliest restorable time if continuous backups are enabled.
72+
// May increase latency.
73+
CLUSTER_VIEW_CONTINUOUS_BACKUP = 2;
74+
}
75+
76+
// The supported database engine versions.
77+
enum DatabaseVersion {
78+
// This is an unknown database version.
79+
DATABASE_VERSION_UNSPECIFIED = 0;
80+
81+
// DEPRECATED - The database version is Postgres 13.
82+
POSTGRES_13 = 1 [deprecated = true];
83+
84+
// The database version is Postgres 14.
85+
POSTGRES_14 = 2;
86+
}
87+
7188
// The username/password for a database user. Used for specifying initial
7289
// users at cluster creation time.
7390
message UserPassword {
@@ -141,25 +158,31 @@ message EncryptionInfo {
141158
];
142159
}
143160

144-
// SSL configuration for an AlloyDB Cluster.
161+
// SSL configuration.
145162
message SslConfig {
146163
// SSL mode options.
147164
enum SslMode {
148-
// SSL mode not specified. Defaults to SSL_MODE_ALLOW.
165+
// SSL mode not specified. Defaults to ENCRYPTED_ONLY.
149166
SSL_MODE_UNSPECIFIED = 0;
150167

151168
// SSL connections are optional. CA verification not enforced.
152-
SSL_MODE_ALLOW = 1;
169+
SSL_MODE_ALLOW = 1 [deprecated = true];
153170

154171
// SSL connections are required. CA verification not enforced.
155172
// Clients may use locally self-signed certificates (default psql client
156173
// behavior).
157-
SSL_MODE_REQUIRE = 2;
174+
SSL_MODE_REQUIRE = 2 [deprecated = true];
158175

159176
// SSL connections are required. CA verification enforced.
160177
// Clients must have certificates signed by a Cluster CA, e.g. via
161178
// GenerateClientCertificate.
162-
SSL_MODE_VERIFY_CA = 3;
179+
SSL_MODE_VERIFY_CA = 3 [deprecated = true];
180+
181+
// SSL connections are optional. CA verification not enforced.
182+
ALLOW_UNENCRYPTED_AND_ENCRYPTED = 4;
183+
184+
// SSL connections are required. CA verification not enforced.
185+
ENCRYPTED_ONLY = 5;
163186
}
164187

165188
// Certificate Authority (CA) source for SSL/TLS certificates.
@@ -279,6 +302,48 @@ message AutomatedBackupPolicy {
279302
map<string, string> labels = 7;
280303
}
281304

305+
// ContinuousBackupConfig describes the continuous backups recovery
306+
// configurations of a cluster.
307+
message ContinuousBackupConfig {
308+
// Whether ContinuousBackup is enabled.
309+
optional bool enabled = 1;
310+
311+
// The number of days backups and logs will be retained, which determines the
312+
// window of time that data is recoverable for. If not set, it defaults to 14
313+
// days.
314+
int32 recovery_window_days = 4;
315+
316+
// The encryption config can be specified to encrypt the
317+
// backups with a customer-managed encryption key (CMEK). When this field is
318+
// not specified, the backup will then use default encryption scheme to
319+
// protect the user data.
320+
EncryptionConfig encryption_config = 3;
321+
}
322+
323+
// ContinuousBackupInfo describes the continuous backup properties of a
324+
// cluster.
325+
message ContinuousBackupInfo {
326+
// Output only. The encryption information for the WALs and backups required
327+
// for ContinuousBackup.
328+
EncryptionInfo encryption_info = 1
329+
[(google.api.field_behavior) = OUTPUT_ONLY];
330+
331+
// Output only. When ContinuousBackup was most recently enabled. Set to null
332+
// if ContinuousBackup is not enabled.
333+
google.protobuf.Timestamp enabled_time = 2
334+
[(google.api.field_behavior) = OUTPUT_ONLY];
335+
336+
// Output only. Days of the week on which a continuous backup is taken. Output
337+
// only field. Ignored if passed into the request.
338+
repeated google.type.DayOfWeek schedule = 3
339+
[(google.api.field_behavior) = OUTPUT_ONLY];
340+
341+
// Output only. The earliest restorable time that can be restored to. Output
342+
// only field.
343+
google.protobuf.Timestamp earliest_restorable_time = 4
344+
[(google.api.field_behavior) = OUTPUT_ONLY];
345+
}
346+
282347
// Message describing a BackupSource.
283348
message BackupSource {
284349
// Output only. The system-generated UID of the backup which was used to
@@ -294,6 +359,18 @@ message BackupSource {
294359
];
295360
}
296361

362+
// Message describing a ContinuousBackupSource.
363+
message ContinuousBackupSource {
364+
// Required. The source cluster from which to restore. This cluster must have
365+
// continuous backup enabled for this operation to succeed. For the required
366+
// format, see the comment on the Cluster.name field.
367+
string cluster = 1 [(google.api.field_behavior) = REQUIRED];
368+
369+
// Required. The point in time to restore to.
370+
google.protobuf.Timestamp point_in_time = 2
371+
[(google.api.field_behavior) = REQUIRED];
372+
}
373+
297374
// A cluster is a collection of regional AlloyDB resources. It can include a
298375
// primary instance and one or more read pool instances.
299376
// All cluster resources share a storage layer, which scales as needed.
@@ -470,8 +547,8 @@ message Cluster {
470547
// documentation for the message type.
471548
AutomatedBackupPolicy automated_backup_policy = 17;
472549

473-
// SSL configuration for this AlloyDB Cluster.
474-
SslConfig ssl_config = 18;
550+
// SSL configuration for this AlloyDB cluster.
551+
SslConfig ssl_config = 18 [deprecated = true];
475552

476553
// Optional. The encryption config can be specified to encrypt the data disks
477554
// and other persistent data resources of a cluster with a
@@ -485,6 +562,14 @@ message Cluster {
485562
EncryptionInfo encryption_info = 20
486563
[(google.api.field_behavior) = OUTPUT_ONLY];
487564

565+
// Optional. Continuous backup configuration for this cluster.
566+
ContinuousBackupConfig continuous_backup_config = 27
567+
[(google.api.field_behavior) = OPTIONAL];
568+
569+
// Output only. Continuous backup properties for this cluster.
570+
ContinuousBackupInfo continuous_backup_info = 28
571+
[(google.api.field_behavior) = OUTPUT_ONLY];
572+
488573
// Cross Region replication config specific to SECONDARY cluster.
489574
SecondaryConfig secondary_config = 22;
490575

@@ -610,10 +695,11 @@ message Instance {
610695
}
611696

612697
// The Availability type of an instance. Potential values:
698+
//
613699
// - ZONAL: The instance serves data from only one zone. Outages in that
614-
// zone affect instance availability.
700+
// zone affect instance availability.
615701
// - REGIONAL: The instance can serve data from more than one zone in a
616-
// region (it is highly available).
702+
// region (it is highly available).
617703
enum AvailabilityType {
618704
// This is an unknown Availability type.
619705
AVAILABILITY_TYPE_UNSPECIFIED = 0;
@@ -669,8 +755,11 @@ message Instance {
669755
MachineConfig machine_config = 10;
670756

671757
// Availability type of an Instance.
672-
// Defaults to REGIONAL for both primary and read instances.
673-
// Note that primary and read instances can have different availability types.
758+
// If empty, defaults to REGIONAL for primary instances.
759+
// For read pools, availability_type is always UNSPECIFIED. Instances in the
760+
// read pools are evenly distributed across available zones within the region
761+
// (i.e. read pools with more than one node will have a node in at
762+
// least two zones).
674763
AvailabilityType availability_type = 11;
675764

676765
// The Compute Engine zone that the instance should serve from, per
@@ -822,7 +911,7 @@ message Backup {
822911
string cluster_uid = 18 [(google.api.field_behavior) = OUTPUT_ONLY];
823912

824913
// Required. The full resource name of the backup source cluster
825-
// (e.g., projects/<project>/locations/<location>/clusters/<cluster_id>).
914+
// (e.g., projects/{project}/locations/{region}/clusters/{cluster_id}).
826915
string cluster_name = 10 [
827916
(google.api.field_behavior) = REQUIRED,
828917
(google.api.resource_reference) = { type: "alloydb.googleapis.com/Cluster" }
@@ -943,3 +1032,39 @@ message SupportedDatabaseFlag {
9431032
// availability SLO's).
9441033
bool requires_db_restart = 6;
9451034
}
1035+
1036+
// Message describing User object.
1037+
message User {
1038+
option (google.api.resource) = {
1039+
type: "alloydb.googleapis.com/User"
1040+
pattern: "projects/{project}/locations/{location}/clusters/{cluster}/users/{user}"
1041+
style: DECLARATIVE_FRIENDLY
1042+
};
1043+
1044+
// Enum that details the user type.
1045+
enum UserType {
1046+
// Unspecified user type.
1047+
USER_TYPE_UNSPECIFIED = 0;
1048+
1049+
// The default user type that authenticates via password-based
1050+
// authentication.
1051+
ALLOYDB_BUILT_IN = 1;
1052+
1053+
// Database user that can authenticate via IAM-Based authentication.
1054+
ALLOYDB_IAM_USER = 2;
1055+
}
1056+
1057+
// Output only. Name of the resource in the form of
1058+
// projects/{project}/locations/{location}/cluster/{cluster}/users/{user}.
1059+
string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
1060+
1061+
// Input only. Password for the user.
1062+
string password = 2 [(google.api.field_behavior) = INPUT_ONLY];
1063+
1064+
// Optional. List of database roles this user has.
1065+
// The database role strings are subject to the PostgreSQL naming conventions.
1066+
repeated string database_roles = 4 [(google.api.field_behavior) = OPTIONAL];
1067+
1068+
// Optional. Type of this user.
1069+
UserType user_type = 5 [(google.api.field_behavior) = OPTIONAL];
1070+
}

0 commit comments

Comments
 (0)