feat: add DnsPeeringConfig in service_networking.proto

Google APIs · copybara-github · commit 7bdfcb7a0846 · 2025-06-16T13:19:28.000-07:00
feat: add dns_peering_configs to PscInterfaceConfig

PiperOrigin-RevId: 772146251
diff --git a/google/cloud/aiplatform/v1/service_networking.proto b/google/cloud/aiplatform/v1/service_networking.proto
@@ -90,4 +90,32 @@ message PscInterfaceConfig {
       type: "compute.googleapis.com/NetworkAttachment"
     }
   ];
+
+  // Optional. DNS peering configurations. When specified, Vertex AI will
+  // attempt to configure DNS peering zones in the tenant project VPC
+  // to resolve the specified domains using the target network's Cloud DNS.
+  // The user must grant the dns.peer role to the Vertex AI Service Agent
+  // on the target project.
+  repeated DnsPeeringConfig dns_peering_configs = 2
+      [(google.api.field_behavior) = OPTIONAL];
+}
+
+// DNS peering configuration. These configurations are used to create
+// DNS peering zones in the Vertex tenant project VPC, enabling resolution
+// of records within the specified domain hosted in the target network's
+// Cloud DNS.
+message DnsPeeringConfig {
+  // Required. The DNS name suffix of the zone being peered to, e.g.,
+  // "my-internal-domain.corp.". Must end with a dot.
+  string domain = 1 [(google.api.field_behavior) = REQUIRED];
+
+  // Required. The project ID hosting the Cloud DNS managed zone that
+  // contains the 'domain'. The Vertex AI Service Agent requires the
+  // dns.peer role on this project.
+  string target_project = 2 [(google.api.field_behavior) = REQUIRED];
+
+  // Required. The VPC network name
+  // in the target_project where the DNS zone specified by 'domain' is
+  // visible.
+  string target_network = 3 [(google.api.field_behavior) = REQUIRED];
 }
