Skip to content

Commit 586e752

Browse files
Google APIscopybara-github
Google APIs
authored and
copybara-github
committed
feat: publish networksecurity v1beta1 api
PiperOrigin-RevId: 838919865
1 parent 1c1b1ff commit 586e752

File tree

3 files changed

+240
-0
lines changed

3 files changed

+240
-0
lines changed

google/cloud/networksecurity/v1beta1/BUILD.bazel

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@ proto_library(
2424
"authorization_policy.proto",
2525
"client_tls_policy.proto",
2626
"common.proto",
27+
"dns_threat_detector.proto",
2728
"network_security.proto",
2829
"server_tls_policy.proto",
2930
"tls.proto",

google/cloud/networksecurity/v1beta1/dns_threat_detector.proto

Lines changed: 234 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,234 @@
1+
// Copyright 2025 Google LLC
2+
//
3+
// Licensed under the Apache License, Version 2.0 (the "License");
4+
// you may not use this file except in compliance with the License.
5+
// You may obtain a copy of the License at
6+
//
7+
// http://www.apache.org/licenses/LICENSE-2.0
8+
//
9+
// Unless required by applicable law or agreed to in writing, software
10+
// distributed under the License is distributed on an "AS IS" BASIS,
11+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
// See the License for the specific language governing permissions and
13+
// limitations under the License.
14+
15+
syntax = "proto3";
16+
17+
package google.cloud.networksecurity.v1beta1;
18+
19+
import "google/api/annotations.proto";
20+
import "google/api/client.proto";
21+
import "google/api/field_behavior.proto";
22+
import "google/api/resource.proto";
23+
import "google/protobuf/empty.proto";
24+
import "google/protobuf/field_mask.proto";
25+
import "google/protobuf/timestamp.proto";
26+
27+
option csharp_namespace = "Google.Cloud.NetworkSecurity.V1Beta1";
28+
option go_package = "cloud.google.com/go/networksecurity/apiv1beta1/networksecuritypb;networksecuritypb";
29+
option java_multiple_files = true;
30+
option java_outer_classname = "DnsThreatDetectorProto";
31+
option java_package = "com.google.cloud.networksecurity.v1beta1";
32+
option php_namespace = "Google\\Cloud\\NetworkSecurity\\V1beta1";
33+
option ruby_package = "Google::Cloud::NetworkSecurity::V1beta1";
34+
option (google.api.resource_definition) = {
35+
type: "compute.googleapis.com/Network"
36+
pattern: "projects/{project}/global/networks/{network}"
37+
};
38+
39+
// The Network Security API for DNS Threat Detectors.
40+
service DnsThreatDetectorService {
41+
option (google.api.default_host) = "networksecurity.googleapis.com";
42+
option (google.api.oauth_scopes) =
43+
"https://www.googleapis.com/auth/cloud-platform";
44+
45+
// Lists DnsThreatDetectors in a given project and location.
46+
rpc ListDnsThreatDetectors(ListDnsThreatDetectorsRequest)
47+
returns (ListDnsThreatDetectorsResponse) {
48+
option (google.api.http) = {
49+
get: "/v1beta1/{parent=projects/*/locations/*}/dnsThreatDetectors"
50+
};
51+
option (google.api.method_signature) = "parent";
52+
}
53+
54+
// Gets the details of a single DnsThreatDetector.
55+
rpc GetDnsThreatDetector(GetDnsThreatDetectorRequest)
56+
returns (DnsThreatDetector) {
57+
option (google.api.http) = {
58+
get: "/v1beta1/{name=projects/*/locations/*/dnsThreatDetectors/*}"
59+
};
60+
option (google.api.method_signature) = "name";
61+
}
62+
63+
// Creates a new DnsThreatDetector in a given project and location.
64+
rpc CreateDnsThreatDetector(CreateDnsThreatDetectorRequest)
65+
returns (DnsThreatDetector) {
66+
option (google.api.http) = {
67+
post: "/v1beta1/{parent=projects/*/locations/*}/dnsThreatDetectors"
68+
body: "dns_threat_detector"
69+
};
70+
option (google.api.method_signature) =
71+
"parent,dns_threat_detector,dns_threat_detector_id";
72+
}
73+
74+
// Updates a single DnsThreatDetector.
75+
rpc UpdateDnsThreatDetector(UpdateDnsThreatDetectorRequest)
76+
returns (DnsThreatDetector) {
77+
option (google.api.http) = {
78+
patch: "/v1beta1/{dns_threat_detector.name=projects/*/locations/*/dnsThreatDetectors/*}"
79+
body: "dns_threat_detector"
80+
};
81+
option (google.api.method_signature) = "dns_threat_detector,update_mask";
82+
}
83+
84+
// Deletes a single DnsThreatDetector.
85+
rpc DeleteDnsThreatDetector(DeleteDnsThreatDetectorRequest)
86+
returns (google.protobuf.Empty) {
87+
option (google.api.http) = {
88+
delete: "/v1beta1/{name=projects/*/locations/*/dnsThreatDetectors/*}"
89+
};
90+
option (google.api.method_signature) = "name";
91+
}
92+
}
93+
94+
// A DNS threat detector sends DNS query logs to a _provider_ that then
95+
// analyzes the logs to identify threat events in the DNS queries.
96+
// By default, all VPC networks in your projects are included. You can exclude
97+
// specific networks by supplying `excluded_networks`.
98+
message DnsThreatDetector {
99+
option (google.api.resource) = {
100+
type: "networksecurity.googleapis.com/DnsThreatDetector"
101+
pattern: "projects/{project}/locations/{location}/dnsThreatDetectors/{dns_threat_detector}"
102+
plural: "dnsThreatDetectors"
103+
singular: "dnsThreatDetector"
104+
};
105+
106+
// Name of the provider used for DNS threat analysis.
107+
enum Provider {
108+
// An unspecified provider.
109+
PROVIDER_UNSPECIFIED = 0;
110+
111+
// The Infoblox DNS threat detector provider.
112+
INFOBLOX = 1;
113+
}
114+
115+
// Immutable. Identifier. Name of the DnsThreatDetector resource.
116+
string name = 1 [
117+
(google.api.field_behavior) = IDENTIFIER,
118+
(google.api.field_behavior) = IMMUTABLE
119+
];
120+
121+
// Output only. Create time stamp.
122+
google.protobuf.Timestamp create_time = 2
123+
[(google.api.field_behavior) = OUTPUT_ONLY];
124+
125+
// Output only. Update time stamp.
126+
google.protobuf.Timestamp update_time = 3
127+
[(google.api.field_behavior) = OUTPUT_ONLY];
128+
129+
// Optional. Any labels associated with the DnsThreatDetector, listed as key
130+
// value pairs.
131+
map<string, string> labels = 4 [(google.api.field_behavior) = OPTIONAL];
132+
133+
// Optional. A list of network resource names which aren't monitored by this
134+
// DnsThreatDetector.
135+
//
136+
// Example:
137+
// `projects/PROJECT_ID/global/networks/NETWORK_NAME`.
138+
repeated string excluded_networks = 5 [
139+
(google.api.field_behavior) = OPTIONAL,
140+
(google.api.resource_reference) = { type: "compute.googleapis.com/Network" }
141+
];
142+
143+
// Required. The provider used for DNS threat analysis.
144+
Provider provider = 6 [(google.api.field_behavior) = REQUIRED];
145+
}
146+
147+
// The message for requesting a list of DnsThreatDetectors in the project.
148+
message ListDnsThreatDetectorsRequest {
149+
// Required. The parent value for `ListDnsThreatDetectorsRequest`.
150+
string parent = 1 [
151+
(google.api.field_behavior) = REQUIRED,
152+
(google.api.resource_reference) = {
153+
child_type: "networksecurity.googleapis.com/DnsThreatDetector"
154+
}
155+
];
156+
157+
// Optional. The requested page size. The server may return fewer items than
158+
// requested. If unspecified, the server picks an appropriate default.
159+
int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL];
160+
161+
// Optional. A page token received from a previous
162+
// `ListDnsThreatDetectorsRequest` call. Provide this to retrieve the
163+
// subsequent page.
164+
string page_token = 3 [(google.api.field_behavior) = OPTIONAL];
165+
}
166+
167+
// The response message to requesting a list of DnsThreatDetectors.
168+
message ListDnsThreatDetectorsResponse {
169+
// The list of DnsThreatDetector resources.
170+
repeated DnsThreatDetector dns_threat_detectors = 1;
171+
172+
// A token, which can be sent as `page_token`, to retrieve the next page.
173+
string next_page_token = 2;
174+
175+
// Unordered list. Unreachable `DnsThreatDetector` resources.
176+
repeated string unreachable = 3
177+
[(google.api.field_behavior) = UNORDERED_LIST];
178+
}
179+
180+
// The message sent to get a DnsThreatDetector.
181+
message GetDnsThreatDetectorRequest {
182+
// Required. Name of the DnsThreatDetector resource.
183+
string name = 1 [
184+
(google.api.field_behavior) = REQUIRED,
185+
(google.api.resource_reference) = {
186+
type: "networksecurity.googleapis.com/DnsThreatDetector"
187+
}
188+
];
189+
}
190+
191+
// The message to create a DnsThreatDetector.
192+
message CreateDnsThreatDetectorRequest {
193+
// Required. The value for the parent of the DnsThreatDetector resource.
194+
string parent = 1 [
195+
(google.api.field_behavior) = REQUIRED,
196+
(google.api.resource_reference) = {
197+
child_type: "networksecurity.googleapis.com/DnsThreatDetector"
198+
}
199+
];
200+
201+
// Optional. The ID of the requesting DnsThreatDetector object.
202+
// If this field is not supplied, the service generates an identifier.
203+
string dns_threat_detector_id = 2 [(google.api.field_behavior) = OPTIONAL];
204+
205+
// Required. The `DnsThreatDetector` resource to create.
206+
DnsThreatDetector dns_threat_detector = 3
207+
[(google.api.field_behavior) = REQUIRED];
208+
}
209+
210+
// The message for updating a DnsThreatDetector.
211+
message UpdateDnsThreatDetectorRequest {
212+
// Optional. The field mask is used to specify the fields to be overwritten in
213+
// the DnsThreatDetector resource by the update. The fields specified in the
214+
// update_mask are relative to the resource, not the full request. A field
215+
// will be overwritten if it is in the mask. If the mask is not provided then
216+
// all fields present in the request will be overwritten.
217+
google.protobuf.FieldMask update_mask = 1
218+
[(google.api.field_behavior) = OPTIONAL];
219+
220+
// Required. The DnsThreatDetector resource being updated.
221+
DnsThreatDetector dns_threat_detector = 2
222+
[(google.api.field_behavior) = REQUIRED];
223+
}
224+
225+
// The message for deleting a DnsThreatDetector.
226+
message DeleteDnsThreatDetectorRequest {
227+
// Required. Name of the DnsThreatDetector resource.
228+
string name = 1 [
229+
(google.api.field_behavior) = REQUIRED,
230+
(google.api.resource_reference) = {
231+
type: "networksecurity.googleapis.com/DnsThreatDetector"
232+
}
233+
];
234+
}

google/cloud/networksecurity/v1beta1/networksecurity_v1beta1.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ title: Network Security API
55

66
apis:
77
- name: google.cloud.location.Locations
8+
- name: google.cloud.networksecurity.v1beta1.DnsThreatDetectorService
89
- name: google.cloud.networksecurity.v1beta1.NetworkSecurity
910
- name: google.iam.v1.IAMPolicy
1011
- name: google.longrunning.Operations
@@ -103,6 +104,10 @@ authentication:
103104
oauth:
104105
canonical_scopes: |-
105106
https://www.googleapis.com/auth/cloud-platform
107+
- selector: 'google.cloud.networksecurity.v1beta1.DnsThreatDetectorService.*'
108+
oauth:
109+
canonical_scopes: |-
110+
https://www.googleapis.com/auth/cloud-platform
106111
- selector: 'google.cloud.networksecurity.v1beta1.NetworkSecurity.*'
107112
oauth:
108113
canonical_scopes: |-

0 commit comments

Comments
 (0)