CLOUDFUNCTIONS

cloudfunctions.operations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.operations.list

valid {
    input.Qs.filter == STRING
    input.Qs.name == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.abortFunctionUpgrade

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.call

valid {
    input.Body.data == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.commitFunctionUpgrade

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.create

enum_BuildConfigDockerRegistry := [ "DOCKER_REGISTRY_UNSPECIFIED", "CONTAINER_REGISTRY", "ARTIFACT_REGISTRY" ]
enum_EventTriggerRetryPolicy := [ "RETRY_POLICY_UNSPECIFIED", "RETRY_POLICY_DO_NOT_RETRY", "RETRY_POLICY_RETRY" ]
enum_FunctionEnvironment := [ "ENVIRONMENT_UNSPECIFIED", "GEN_1", "GEN_2" ]
enum_ServiceConfigIngressSettings := [ "INGRESS_SETTINGS_UNSPECIFIED", "ALLOW_ALL", "ALLOW_INTERNAL_ONLY", "ALLOW_INTERNAL_AND_GCLB" ]
enum_ServiceConfigSecurityLevel := [ "SECURITY_LEVEL_UNSPECIFIED", "SECURE_ALWAYS", "SECURE_OPTIONAL" ]
enum_ServiceConfigVpcConnectorEgressSettings := [ "VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED", "PRIVATE_RANGES_ONLY", "ALL_TRAFFIC" ]

valid {
    input.Body.buildConfig.automaticUpdatePolicy.STRING == STRING
    input.Body.buildConfig.dockerRegistry == enum_BuildConfigDockerRegistry[_]
    input.Body.buildConfig.dockerRepository == STRING
    input.Body.buildConfig.entryPoint == STRING
    input.Body.buildConfig.environmentVariables.STRING == STRING
    input.Body.buildConfig.onDeployUpdatePolicy == {}
    input.Body.buildConfig.runtime == STRING
    input.Body.buildConfig.serviceAccount == STRING
    input.Body.buildConfig.source.gitUri == STRING
    input.Body.buildConfig.source.repoSource.branchName == STRING
    input.Body.buildConfig.source.repoSource.commitSha == STRING
    input.Body.buildConfig.source.repoSource.dir == STRING
    input.Body.buildConfig.source.repoSource.projectId == STRING
    input.Body.buildConfig.source.repoSource.repoName == STRING
    input.Body.buildConfig.source.repoSource.tagName == STRING
    input.Body.buildConfig.source.storageSource.bucket == STRING
    input.Body.buildConfig.source.storageSource.generation == STRING
    input.Body.buildConfig.source.storageSource.object == STRING
    input.Body.buildConfig.source.storageSource.sourceUploadUrl == STRING
    input.Body.buildConfig.sourceToken == STRING
    input.Body.buildConfig.workerPool == STRING
    input.Body.description == STRING
    input.Body.environment == enum_FunctionEnvironment[_]
    input.Body.eventTrigger.channel == STRING
    input.Body.eventTrigger.eventFilters[_].attribute == STRING
    input.Body.eventTrigger.eventFilters[_].operator == STRING
    input.Body.eventTrigger.eventFilters[_].value == STRING
    input.Body.eventTrigger.eventType == STRING
    input.Body.eventTrigger.pubsubTopic == STRING
    input.Body.eventTrigger.retryPolicy == enum_EventTriggerRetryPolicy[_]
    input.Body.eventTrigger.service == STRING
    input.Body.eventTrigger.serviceAccountEmail == STRING
    input.Body.eventTrigger.triggerRegion == STRING
    input.Body.kmsKeyName == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.serviceConfig.allTrafficOnLatestRevision == BOOLEAN
    input.Body.serviceConfig.availableCpu == STRING
    input.Body.serviceConfig.availableMemory == STRING
    input.Body.serviceConfig.binaryAuthorizationPolicy == STRING
    input.Body.serviceConfig.environmentVariables.STRING == STRING
    input.Body.serviceConfig.ingressSettings == enum_ServiceConfigIngressSettings[_]
    input.Body.serviceConfig.maxInstanceCount == INTEGER
    input.Body.serviceConfig.maxInstanceRequestConcurrency == INTEGER
    input.Body.serviceConfig.minInstanceCount == INTEGER
    input.Body.serviceConfig.secretEnvironmentVariables[_].key == STRING
    input.Body.serviceConfig.secretEnvironmentVariables[_].projectId == STRING
    input.Body.serviceConfig.secretEnvironmentVariables[_].secret == STRING
    input.Body.serviceConfig.secretEnvironmentVariables[_].version == STRING
    input.Body.serviceConfig.secretVolumes[_].mountPath == STRING
    input.Body.serviceConfig.secretVolumes[_].projectId == STRING
    input.Body.serviceConfig.secretVolumes[_].secret == STRING
    input.Body.serviceConfig.secretVolumes[_].versions[_].path == STRING
    input.Body.serviceConfig.secretVolumes[_].versions[_].version == STRING
    input.Body.serviceConfig.securityLevel == enum_ServiceConfigSecurityLevel[_]
    input.Body.serviceConfig.serviceAccountEmail == STRING
    input.Body.serviceConfig.timeoutSeconds == INTEGER
    input.Body.serviceConfig.vpcConnector == STRING
    input.Body.serviceConfig.vpcConnectorEgressSettings == enum_ServiceConfigVpcConnectorEgressSettings[_]
    input.ReqMap.parent == STRING
    input.Qs.functionId == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.generateDownloadUrl

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.generateUploadUrl

enum_GenerateUploadUrlRequestEnvironment := [ "ENVIRONMENT_UNSPECIFIED", "GEN_1", "GEN_2" ]

valid {
    input.Body.environment == enum_GenerateUploadUrlRequestEnvironment[_]
    input.Body.kmsKeyName == STRING
    input.ReqMap.parent == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.get

valid {
    input.ReqMap.name == STRING
    input.Qs.revision == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.patch

enum_BuildConfigDockerRegistry := [ "DOCKER_REGISTRY_UNSPECIFIED", "CONTAINER_REGISTRY", "ARTIFACT_REGISTRY" ]
enum_EventTriggerRetryPolicy := [ "RETRY_POLICY_UNSPECIFIED", "RETRY_POLICY_DO_NOT_RETRY", "RETRY_POLICY_RETRY" ]
enum_FunctionEnvironment := [ "ENVIRONMENT_UNSPECIFIED", "GEN_1", "GEN_2" ]
enum_ServiceConfigIngressSettings := [ "INGRESS_SETTINGS_UNSPECIFIED", "ALLOW_ALL", "ALLOW_INTERNAL_ONLY", "ALLOW_INTERNAL_AND_GCLB" ]
enum_ServiceConfigSecurityLevel := [ "SECURITY_LEVEL_UNSPECIFIED", "SECURE_ALWAYS", "SECURE_OPTIONAL" ]
enum_ServiceConfigVpcConnectorEgressSettings := [ "VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED", "PRIVATE_RANGES_ONLY", "ALL_TRAFFIC" ]

valid {
    input.Body.buildConfig.automaticUpdatePolicy.STRING == STRING
    input.Body.buildConfig.dockerRegistry == enum_BuildConfigDockerRegistry[_]
    input.Body.buildConfig.dockerRepository == STRING
    input.Body.buildConfig.entryPoint == STRING
    input.Body.buildConfig.environmentVariables.STRING == STRING
    input.Body.buildConfig.onDeployUpdatePolicy == {}
    input.Body.buildConfig.runtime == STRING
    input.Body.buildConfig.serviceAccount == STRING
    input.Body.buildConfig.source.gitUri == STRING
    input.Body.buildConfig.source.repoSource.branchName == STRING
    input.Body.buildConfig.source.repoSource.commitSha == STRING
    input.Body.buildConfig.source.repoSource.dir == STRING
    input.Body.buildConfig.source.repoSource.projectId == STRING
    input.Body.buildConfig.source.repoSource.repoName == STRING
    input.Body.buildConfig.source.repoSource.tagName == STRING
    input.Body.buildConfig.source.storageSource.bucket == STRING
    input.Body.buildConfig.source.storageSource.generation == STRING
    input.Body.buildConfig.source.storageSource.object == STRING
    input.Body.buildConfig.source.storageSource.sourceUploadUrl == STRING
    input.Body.buildConfig.sourceToken == STRING
    input.Body.buildConfig.workerPool == STRING
    input.Body.description == STRING
    input.Body.environment == enum_FunctionEnvironment[_]
    input.Body.eventTrigger.channel == STRING
    input.Body.eventTrigger.eventFilters[_].attribute == STRING
    input.Body.eventTrigger.eventFilters[_].operator == STRING
    input.Body.eventTrigger.eventFilters[_].value == STRING
    input.Body.eventTrigger.eventType == STRING
    input.Body.eventTrigger.pubsubTopic == STRING
    input.Body.eventTrigger.retryPolicy == enum_EventTriggerRetryPolicy[_]
    input.Body.eventTrigger.service == STRING
    input.Body.eventTrigger.serviceAccountEmail == STRING
    input.Body.eventTrigger.triggerRegion == STRING
    input.Body.kmsKeyName == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.serviceConfig.allTrafficOnLatestRevision == BOOLEAN
    input.Body.serviceConfig.availableCpu == STRING
    input.Body.serviceConfig.availableMemory == STRING
    input.Body.serviceConfig.binaryAuthorizationPolicy == STRING
    input.Body.serviceConfig.environmentVariables.STRING == STRING
    input.Body.serviceConfig.ingressSettings == enum_ServiceConfigIngressSettings[_]
    input.Body.serviceConfig.maxInstanceCount == INTEGER
    input.Body.serviceConfig.maxInstanceRequestConcurrency == INTEGER
    input.Body.serviceConfig.minInstanceCount == INTEGER
    input.Body.serviceConfig.secretEnvironmentVariables[_].key == STRING
    input.Body.serviceConfig.secretEnvironmentVariables[_].projectId == STRING
    input.Body.serviceConfig.secretEnvironmentVariables[_].secret == STRING
    input.Body.serviceConfig.secretEnvironmentVariables[_].version == STRING
    input.Body.serviceConfig.secretVolumes[_].mountPath == STRING
    input.Body.serviceConfig.secretVolumes[_].projectId == STRING
    input.Body.serviceConfig.secretVolumes[_].secret == STRING
    input.Body.serviceConfig.secretVolumes[_].versions[_].path == STRING
    input.Body.serviceConfig.secretVolumes[_].versions[_].version == STRING
    input.Body.serviceConfig.securityLevel == enum_ServiceConfigSecurityLevel[_]
    input.Body.serviceConfig.serviceAccountEmail == STRING
    input.Body.serviceConfig.timeoutSeconds == INTEGER
    input.Body.serviceConfig.vpcConnector == STRING
    input.Body.serviceConfig.vpcConnectorEgressSettings == enum_ServiceConfigVpcConnectorEgressSettings[_]
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.redirectFunctionUpgradeTraffic

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.rollbackFunctionUpgradeTraffic

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.setIamPolicy

enum_AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.setupFunctionUpgradeConfig

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.functions.update

enum_CloudFunctionStatus := [ "STATUS_UNSPECIFIED", "READY", "FAILED", "DEPLOYING", "DELETING" ]

valid {
    input.Body.availableMemoryMb == INTEGER
    input.Body.entryPoint == STRING
    input.Body.environmentVariables.STRING == STRING
    input.Body.eventTrigger.eventType == STRING
    input.Body.eventTrigger.failurePolicy.retry.STRING == STRING
    input.Body.eventTrigger.resource == STRING
    input.Body.eventTrigger.service == STRING
    input.Body.httpsTrigger.url == STRING
    input.Body.labels.STRING == STRING
    input.Body.latestOperation == STRING
    input.Body.maxInstances == INTEGER
    input.Body.name == STRING
    input.Body.network == STRING
    input.Body.runtime == STRING
    input.Body.serviceAccount == STRING
    input.Body.sourceArchiveUrl == STRING
    input.Body.sourceRepository.branch == STRING
    input.Body.sourceRepository.deployedRevision == STRING
    input.Body.sourceRepository.repositoryUrl == STRING
    input.Body.sourceRepository.revision == STRING
    input.Body.sourceRepository.sourcePath == STRING
    input.Body.sourceRepository.tag == STRING
    input.Body.sourceRepositoryUrl == STRING
    input.Body.sourceUploadUrl == STRING
    input.Body.status == enum_CloudFunctionStatus[_]
    input.Body.timeout == STRING
    input.Body.updateTime == STRING
    input.Body.versionId == STRING
    input.Body.vpcConnector == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.operations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.operations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

cloudfunctions.projects.locations.runtimes.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.ProviderMetadata.Region == STRING
}