NETWORKSECURITY
networksecurity.organizations.locations.addressGroups.addItems
valid {
input.Body.items[_] == STRING
input.Body.requestId == STRING
input.ReqMap.addressGroup == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.addressGroups.cloneItems
valid {
input.Body.requestId == STRING
input.Body.sourceAddressGroup == STRING
input.ReqMap.addressGroup == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.addressGroups.create
enum_AddressGroupPurpose := [ "PURPOSE_UNSPECIFIED", "DEFAULT", "CLOUD_ARMOR" ]
enum_AddressGroupType := [ "TYPE_UNSPECIFIED", "IPV4", "IPV6" ]
valid {
input.Body.capacity == INTEGER
input.Body.description == STRING
input.Body.items[_] == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.purpose[_] == enum_AddressGroupPurpose[_]
input.Body.type == enum_AddressGroupType[_]
input.ReqMap.parent == STRING
input.Qs.addressGroupId == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.addressGroups.delete
valid {
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.addressGroups.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.addressGroups.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.addressGroups.listReferences
valid {
input.ReqMap.addressGroup == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.addressGroups.patch
enum_AddressGroupPurpose := [ "PURPOSE_UNSPECIFIED", "DEFAULT", "CLOUD_ARMOR" ]
enum_AddressGroupType := [ "TYPE_UNSPECIFIED", "IPV4", "IPV6" ]
valid {
input.Body.capacity == INTEGER
input.Body.description == STRING
input.Body.items[_] == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.purpose[_] == enum_AddressGroupPurpose[_]
input.Body.type == enum_AddressGroupType[_]
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.addressGroups.removeItems
valid {
input.Body.items[_] == STRING
input.Body.requestId == STRING
input.ReqMap.addressGroup == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.firewallEndpoints.create
valid {
input.Body.billingProjectId == STRING
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.ReqMap.parent == STRING
input.Qs.firewallEndpointId == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.firewallEndpoints.delete
valid {
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.firewallEndpoints.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.firewallEndpoints.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.orderBy == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.firewallEndpoints.patch
valid {
input.Body.billingProjectId == STRING
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.operations.cancel
valid {
input.Body.STRING == STRING
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.operations.delete
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.operations.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.operations.list
valid {
input.ReqMap.name == STRING
input.Qs.filter == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfileGroups.create
valid {
input.Body.customMirroringProfile == STRING
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.threatPreventionProfile == STRING
input.ReqMap.parent == STRING
input.Qs.securityProfileGroupId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfileGroups.delete
valid {
input.ReqMap.name == STRING
input.Qs.etag == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfileGroups.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfileGroups.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfileGroups.patch
valid {
input.Body.customMirroringProfile == STRING
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.threatPreventionProfile == STRING
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfiles.create
enum_SecurityProfileType := [ "PROFILE_TYPE_UNSPECIFIED", "THREAT_PREVENTION", "CUSTOM_MIRRORING" ]
enum_SeverityOverrideAction := [ "THREAT_ACTION_UNSPECIFIED", "DEFAULT_ACTION", "ALLOW", "ALERT", "DENY" ]
enum_SeverityOverrideSeverity := [ "SEVERITY_UNSPECIFIED", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL" ]
enum_ThreatOverrideAction := [ "THREAT_ACTION_UNSPECIFIED", "DEFAULT_ACTION", "ALLOW", "ALERT", "DENY" ]
valid {
input.Body.customMirroringProfile.mirroringEndpointGroup == STRING
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.threatPreventionProfile.severityOverrides[_].action == enum_SeverityOverrideAction[_]
input.Body.threatPreventionProfile.severityOverrides[_].severity == enum_SeverityOverrideSeverity[_]
input.Body.threatPreventionProfile.threatOverrides[_].action == enum_ThreatOverrideAction[_]
input.Body.threatPreventionProfile.threatOverrides[_].threatId == STRING
input.Body.type == enum_SecurityProfileType[_]
input.ReqMap.parent == STRING
input.Qs.securityProfileId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfiles.delete
valid {
input.ReqMap.name == STRING
input.Qs.etag == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfiles.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfiles.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.organizations.locations.securityProfiles.patch
enum_SecurityProfileType := [ "PROFILE_TYPE_UNSPECIFIED", "THREAT_PREVENTION", "CUSTOM_MIRRORING" ]
enum_SeverityOverrideAction := [ "THREAT_ACTION_UNSPECIFIED", "DEFAULT_ACTION", "ALLOW", "ALERT", "DENY" ]
enum_SeverityOverrideSeverity := [ "SEVERITY_UNSPECIFIED", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL" ]
enum_ThreatOverrideAction := [ "THREAT_ACTION_UNSPECIFIED", "DEFAULT_ACTION", "ALLOW", "ALERT", "DENY" ]
valid {
input.Body.customMirroringProfile.mirroringEndpointGroup == STRING
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.threatPreventionProfile.severityOverrides[_].action == enum_SeverityOverrideAction[_]
input.Body.threatPreventionProfile.severityOverrides[_].severity == enum_SeverityOverrideSeverity[_]
input.Body.threatPreventionProfile.threatOverrides[_].action == enum_ThreatOverrideAction[_]
input.Body.threatPreventionProfile.threatOverrides[_].threatId == STRING
input.Body.type == enum_SecurityProfileType[_]
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.addItems
valid {
input.Body.items[_] == STRING
input.Body.requestId == STRING
input.ReqMap.addressGroup == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.cloneItems
valid {
input.Body.requestId == STRING
input.Body.sourceAddressGroup == STRING
input.ReqMap.addressGroup == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.create
enum_AddressGroupPurpose := [ "PURPOSE_UNSPECIFIED", "DEFAULT", "CLOUD_ARMOR" ]
enum_AddressGroupType := [ "TYPE_UNSPECIFIED", "IPV4", "IPV6" ]
valid {
input.Body.capacity == INTEGER
input.Body.description == STRING
input.Body.items[_] == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.purpose[_] == enum_AddressGroupPurpose[_]
input.Body.type == enum_AddressGroupType[_]
input.ReqMap.parent == STRING
input.Qs.addressGroupId == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.delete
valid {
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.getIamPolicy
valid {
input.ReqMap.resource == STRING
input.Qs.options.requestedPolicyVersion == INTEGER
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.listReferences
valid {
input.ReqMap.addressGroup == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.patch
enum_AddressGroupPurpose := [ "PURPOSE_UNSPECIFIED", "DEFAULT", "CLOUD_ARMOR" ]
enum_AddressGroupType := [ "TYPE_UNSPECIFIED", "IPV4", "IPV6" ]
valid {
input.Body.capacity == INTEGER
input.Body.description == STRING
input.Body.items[_] == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.purpose[_] == enum_AddressGroupPurpose[_]
input.Body.type == enum_AddressGroupType[_]
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.removeItems
valid {
input.Body.items[_] == STRING
input.Body.requestId == STRING
input.ReqMap.addressGroup == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.setIamPolicy
enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]
valid {
input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
input.Body.policy.auditConfigs[_].service == STRING
input.Body.policy.bindings[_].condition.description == STRING
input.Body.policy.bindings[_].condition.expression == STRING
input.Body.policy.bindings[_].condition.location == STRING
input.Body.policy.bindings[_].condition.title == STRING
input.Body.policy.bindings[_].members[_] == STRING
input.Body.policy.bindings[_].role == STRING
input.Body.policy.etag == STRING
input.Body.policy.version == INTEGER
input.Body.updateMask == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.addressGroups.testIamPermissions
valid {
input.Body.permissions[_] == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authorizationPolicies.create
enum_AuthorizationPolicyAction := [ "ACTION_UNSPECIFIED", "ALLOW", "DENY" ]
valid {
input.Body.action == enum_AuthorizationPolicyAction[_]
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.rules[_].destinations[_].hosts[_] == STRING
input.Body.rules[_].destinations[_].httpHeaderMatch.headerName == STRING
input.Body.rules[_].destinations[_].httpHeaderMatch.regexMatch == STRING
input.Body.rules[_].destinations[_].methods[_] == STRING
input.Body.rules[_].destinations[_].ports[_] == INTEGER
input.Body.rules[_].sources[_].ipBlocks[_] == STRING
input.Body.rules[_].sources[_].principals[_] == STRING
input.ReqMap.parent == STRING
input.Qs.authorizationPolicyId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authorizationPolicies.delete
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authorizationPolicies.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authorizationPolicies.getIamPolicy
valid {
input.ReqMap.resource == STRING
input.Qs.options.requestedPolicyVersion == INTEGER
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authorizationPolicies.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authorizationPolicies.patch
enum_AuthorizationPolicyAction := [ "ACTION_UNSPECIFIED", "ALLOW", "DENY" ]
valid {
input.Body.action == enum_AuthorizationPolicyAction[_]
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.rules[_].destinations[_].hosts[_] == STRING
input.Body.rules[_].destinations[_].httpHeaderMatch.headerName == STRING
input.Body.rules[_].destinations[_].httpHeaderMatch.regexMatch == STRING
input.Body.rules[_].destinations[_].methods[_] == STRING
input.Body.rules[_].destinations[_].ports[_] == INTEGER
input.Body.rules[_].sources[_].ipBlocks[_] == STRING
input.Body.rules[_].sources[_].principals[_] == STRING
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authorizationPolicies.setIamPolicy
enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]
valid {
input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
input.Body.policy.auditConfigs[_].service == STRING
input.Body.policy.bindings[_].condition.description == STRING
input.Body.policy.bindings[_].condition.expression == STRING
input.Body.policy.bindings[_].condition.location == STRING
input.Body.policy.bindings[_].condition.title == STRING
input.Body.policy.bindings[_].members[_] == STRING
input.Body.policy.bindings[_].role == STRING
input.Body.policy.etag == STRING
input.Body.policy.version == INTEGER
input.Body.updateMask == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authorizationPolicies.testIamPermissions
valid {
input.Body.permissions[_] == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authzPolicies.create
enum_AuthzPolicyAction := [ "AUTHZ_ACTION_UNSPECIFIED", "ALLOW", "DENY", "CUSTOM" ]
enum_AuthzPolicyTargetLoadBalancingScheme := [ "LOAD_BALANCING_SCHEME_UNSPECIFIED", "INTERNAL_MANAGED", "EXTERNAL_MANAGED", "INTERNAL_SELF_MANAGED" ]
valid {
input.Body.action == enum_AuthzPolicyAction[_]
input.Body.customProvider.authzExtension.resources[_] == STRING
input.Body.customProvider.cloudIap.STRING == STRING
input.Body.description == STRING
input.Body.httpRules[_].from.notSources[_].principals[_].contains == STRING
input.Body.httpRules[_].from.notSources[_].principals[_].exact == STRING
input.Body.httpRules[_].from.notSources[_].principals[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].from.notSources[_].principals[_].prefix == STRING
input.Body.httpRules[_].from.notSources[_].principals[_].suffix == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.contains == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.exact == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.ignoreCase == BOOLEAN
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.prefix == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.suffix == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].tagValueIdSet.ids[_] == STRING
input.Body.httpRules[_].from.sources[_].principals[_].contains == STRING
input.Body.httpRules[_].from.sources[_].principals[_].exact == STRING
input.Body.httpRules[_].from.sources[_].principals[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].from.sources[_].principals[_].prefix == STRING
input.Body.httpRules[_].from.sources[_].principals[_].suffix == STRING
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.contains == STRING
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.exact == STRING
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.ignoreCase == BOOLEAN
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.prefix == STRING
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.suffix == STRING
input.Body.httpRules[_].from.sources[_].resources[_].tagValueIdSet.ids[_] == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].name == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.contains == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.exact == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.ignoreCase == BOOLEAN
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.prefix == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.suffix == STRING
input.Body.httpRules[_].to.notOperations[_].hosts[_].contains == STRING
input.Body.httpRules[_].to.notOperations[_].hosts[_].exact == STRING
input.Body.httpRules[_].to.notOperations[_].hosts[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].to.notOperations[_].hosts[_].prefix == STRING
input.Body.httpRules[_].to.notOperations[_].hosts[_].suffix == STRING
input.Body.httpRules[_].to.notOperations[_].methods[_] == STRING
input.Body.httpRules[_].to.notOperations[_].paths[_].contains == STRING
input.Body.httpRules[_].to.notOperations[_].paths[_].exact == STRING
input.Body.httpRules[_].to.notOperations[_].paths[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].to.notOperations[_].paths[_].prefix == STRING
input.Body.httpRules[_].to.notOperations[_].paths[_].suffix == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].name == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.contains == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.exact == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.ignoreCase == BOOLEAN
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.prefix == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.suffix == STRING
input.Body.httpRules[_].to.operations[_].hosts[_].contains == STRING
input.Body.httpRules[_].to.operations[_].hosts[_].exact == STRING
input.Body.httpRules[_].to.operations[_].hosts[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].to.operations[_].hosts[_].prefix == STRING
input.Body.httpRules[_].to.operations[_].hosts[_].suffix == STRING
input.Body.httpRules[_].to.operations[_].methods[_] == STRING
input.Body.httpRules[_].to.operations[_].paths[_].contains == STRING
input.Body.httpRules[_].to.operations[_].paths[_].exact == STRING
input.Body.httpRules[_].to.operations[_].paths[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].to.operations[_].paths[_].prefix == STRING
input.Body.httpRules[_].to.operations[_].paths[_].suffix == STRING
input.Body.httpRules[_].when == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.target.loadBalancingScheme == enum_AuthzPolicyTargetLoadBalancingScheme[_]
input.Body.target.resources[_] == STRING
input.ReqMap.parent == STRING
input.Qs.authzPolicyId == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authzPolicies.delete
valid {
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authzPolicies.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authzPolicies.getIamPolicy
valid {
input.ReqMap.resource == STRING
input.Qs.options.requestedPolicyVersion == INTEGER
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authzPolicies.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.orderBy == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authzPolicies.patch
enum_AuthzPolicyAction := [ "AUTHZ_ACTION_UNSPECIFIED", "ALLOW", "DENY", "CUSTOM" ]
enum_AuthzPolicyTargetLoadBalancingScheme := [ "LOAD_BALANCING_SCHEME_UNSPECIFIED", "INTERNAL_MANAGED", "EXTERNAL_MANAGED", "INTERNAL_SELF_MANAGED" ]
valid {
input.Body.action == enum_AuthzPolicyAction[_]
input.Body.customProvider.authzExtension.resources[_] == STRING
input.Body.customProvider.cloudIap.STRING == STRING
input.Body.description == STRING
input.Body.httpRules[_].from.notSources[_].principals[_].contains == STRING
input.Body.httpRules[_].from.notSources[_].principals[_].exact == STRING
input.Body.httpRules[_].from.notSources[_].principals[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].from.notSources[_].principals[_].prefix == STRING
input.Body.httpRules[_].from.notSources[_].principals[_].suffix == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.contains == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.exact == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.ignoreCase == BOOLEAN
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.prefix == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].iamServiceAccount.suffix == STRING
input.Body.httpRules[_].from.notSources[_].resources[_].tagValueIdSet.ids[_] == STRING
input.Body.httpRules[_].from.sources[_].principals[_].contains == STRING
input.Body.httpRules[_].from.sources[_].principals[_].exact == STRING
input.Body.httpRules[_].from.sources[_].principals[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].from.sources[_].principals[_].prefix == STRING
input.Body.httpRules[_].from.sources[_].principals[_].suffix == STRING
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.contains == STRING
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.exact == STRING
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.ignoreCase == BOOLEAN
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.prefix == STRING
input.Body.httpRules[_].from.sources[_].resources[_].iamServiceAccount.suffix == STRING
input.Body.httpRules[_].from.sources[_].resources[_].tagValueIdSet.ids[_] == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].name == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.contains == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.exact == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.ignoreCase == BOOLEAN
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.prefix == STRING
input.Body.httpRules[_].to.notOperations[_].headerSet.headers[_].value.suffix == STRING
input.Body.httpRules[_].to.notOperations[_].hosts[_].contains == STRING
input.Body.httpRules[_].to.notOperations[_].hosts[_].exact == STRING
input.Body.httpRules[_].to.notOperations[_].hosts[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].to.notOperations[_].hosts[_].prefix == STRING
input.Body.httpRules[_].to.notOperations[_].hosts[_].suffix == STRING
input.Body.httpRules[_].to.notOperations[_].methods[_] == STRING
input.Body.httpRules[_].to.notOperations[_].paths[_].contains == STRING
input.Body.httpRules[_].to.notOperations[_].paths[_].exact == STRING
input.Body.httpRules[_].to.notOperations[_].paths[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].to.notOperations[_].paths[_].prefix == STRING
input.Body.httpRules[_].to.notOperations[_].paths[_].suffix == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].name == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.contains == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.exact == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.ignoreCase == BOOLEAN
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.prefix == STRING
input.Body.httpRules[_].to.operations[_].headerSet.headers[_].value.suffix == STRING
input.Body.httpRules[_].to.operations[_].hosts[_].contains == STRING
input.Body.httpRules[_].to.operations[_].hosts[_].exact == STRING
input.Body.httpRules[_].to.operations[_].hosts[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].to.operations[_].hosts[_].prefix == STRING
input.Body.httpRules[_].to.operations[_].hosts[_].suffix == STRING
input.Body.httpRules[_].to.operations[_].methods[_] == STRING
input.Body.httpRules[_].to.operations[_].paths[_].contains == STRING
input.Body.httpRules[_].to.operations[_].paths[_].exact == STRING
input.Body.httpRules[_].to.operations[_].paths[_].ignoreCase == BOOLEAN
input.Body.httpRules[_].to.operations[_].paths[_].prefix == STRING
input.Body.httpRules[_].to.operations[_].paths[_].suffix == STRING
input.Body.httpRules[_].when == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.target.loadBalancingScheme == enum_AuthzPolicyTargetLoadBalancingScheme[_]
input.Body.target.resources[_] == STRING
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authzPolicies.setIamPolicy
enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]
valid {
input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
input.Body.policy.auditConfigs[_].service == STRING
input.Body.policy.bindings[_].condition.description == STRING
input.Body.policy.bindings[_].condition.expression == STRING
input.Body.policy.bindings[_].condition.location == STRING
input.Body.policy.bindings[_].condition.title == STRING
input.Body.policy.bindings[_].members[_] == STRING
input.Body.policy.bindings[_].role == STRING
input.Body.policy.etag == STRING
input.Body.policy.version == INTEGER
input.Body.updateMask == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.authzPolicies.testIamPermissions
valid {
input.Body.permissions[_] == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.clientTlsPolicies.create
valid {
input.Body.clientCertificate.certificateProviderInstance.pluginInstance == STRING
input.Body.clientCertificate.grpcEndpoint.targetUri == STRING
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.serverValidationCa[_].certificateProviderInstance.pluginInstance == STRING
input.Body.serverValidationCa[_].grpcEndpoint.targetUri == STRING
input.Body.sni == STRING
input.ReqMap.parent == STRING
input.Qs.clientTlsPolicyId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.clientTlsPolicies.delete
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.clientTlsPolicies.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.clientTlsPolicies.getIamPolicy
valid {
input.ReqMap.resource == STRING
input.Qs.options.requestedPolicyVersion == INTEGER
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.clientTlsPolicies.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.clientTlsPolicies.patch
valid {
input.Body.clientCertificate.certificateProviderInstance.pluginInstance == STRING
input.Body.clientCertificate.grpcEndpoint.targetUri == STRING
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.serverValidationCa[_].certificateProviderInstance.pluginInstance == STRING
input.Body.serverValidationCa[_].grpcEndpoint.targetUri == STRING
input.Body.sni == STRING
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.clientTlsPolicies.setIamPolicy
enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]
valid {
input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
input.Body.policy.auditConfigs[_].service == STRING
input.Body.policy.bindings[_].condition.description == STRING
input.Body.policy.bindings[_].condition.expression == STRING
input.Body.policy.bindings[_].condition.location == STRING
input.Body.policy.bindings[_].condition.title == STRING
input.Body.policy.bindings[_].members[_] == STRING
input.Body.policy.bindings[_].role == STRING
input.Body.policy.etag == STRING
input.Body.policy.version == INTEGER
input.Body.updateMask == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.clientTlsPolicies.testIamPermissions
valid {
input.Body.permissions[_] == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.firewallEndpointAssociations.create
valid {
input.Body.disabled == BOOLEAN
input.Body.firewallEndpoint == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.network == STRING
input.Body.tlsInspectionPolicy == STRING
input.ReqMap.parent == STRING
input.Qs.firewallEndpointAssociationId == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.firewallEndpointAssociations.delete
valid {
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.firewallEndpointAssociations.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.firewallEndpointAssociations.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.orderBy == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.firewallEndpointAssociations.patch
valid {
input.Body.disabled == BOOLEAN
input.Body.firewallEndpoint == STRING
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.network == STRING
input.Body.tlsInspectionPolicy == STRING
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.create
valid {
input.Body.description == STRING
input.Body.name == STRING
input.Body.tlsInspectionPolicy == STRING
input.ReqMap.parent == STRING
input.Qs.gatewaySecurityPolicyId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.delete
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.patch
valid {
input.Body.description == STRING
input.Body.name == STRING
input.Body.tlsInspectionPolicy == STRING
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.rules.create
enum_GatewaySecurityPolicyRuleBasicProfile := [ "BASIC_PROFILE_UNSPECIFIED", "ALLOW", "DENY" ]
valid {
input.Body.applicationMatcher == STRING
input.Body.basicProfile == enum_GatewaySecurityPolicyRuleBasicProfile[_]
input.Body.description == STRING
input.Body.enabled == BOOLEAN
input.Body.name == STRING
input.Body.priority == INTEGER
input.Body.sessionMatcher == STRING
input.Body.tlsInspectionEnabled == BOOLEAN
input.ReqMap.parent == STRING
input.Qs.gatewaySecurityPolicyRuleId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.rules.delete
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.rules.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.rules.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.gatewaySecurityPolicies.rules.patch
enum_GatewaySecurityPolicyRuleBasicProfile := [ "BASIC_PROFILE_UNSPECIFIED", "ALLOW", "DENY" ]
valid {
input.Body.applicationMatcher == STRING
input.Body.basicProfile == enum_GatewaySecurityPolicyRuleBasicProfile[_]
input.Body.description == STRING
input.Body.enabled == BOOLEAN
input.Body.name == STRING
input.Body.priority == INTEGER
input.Body.sessionMatcher == STRING
input.Body.tlsInspectionEnabled == BOOLEAN
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.list
valid {
input.ReqMap.name == STRING
input.Qs.filter == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeploymentGroups.create
valid {
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.network == STRING
input.ReqMap.parent == STRING
input.Qs.mirroringDeploymentGroupId == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeploymentGroups.delete
valid {
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeploymentGroups.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeploymentGroups.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.orderBy == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeploymentGroups.patch
valid {
input.Body.labels.STRING == STRING
input.Body.name == STRING
input.Body.network == STRING
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeployments.create
valid {
input.Body.forwardingRule == STRING
input.Body.labels.STRING == STRING
input.Body.mirroringDeploymentGroup == STRING
input.Body.name == STRING
input.ReqMap.parent == STRING
input.Qs.mirroringDeploymentId == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeployments.delete
valid {
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeployments.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeployments.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.orderBy == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringDeployments.patch
valid {
input.Body.forwardingRule == STRING
input.Body.labels.STRING == STRING
input.Body.mirroringDeploymentGroup == STRING
input.Body.name == STRING
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroupAssociations.create
valid {
input.Body.labels.STRING == STRING
input.Body.mirroringEndpointGroup == STRING
input.Body.name == STRING
input.Body.network == STRING
input.ReqMap.parent == STRING
input.Qs.mirroringEndpointGroupAssociationId == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroupAssociations.delete
valid {
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroupAssociations.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroupAssociations.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.orderBy == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroupAssociations.patch
valid {
input.Body.labels.STRING == STRING
input.Body.mirroringEndpointGroup == STRING
input.Body.name == STRING
input.Body.network == STRING
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroups.create
valid {
input.Body.labels.STRING == STRING
input.Body.mirroringDeploymentGroup == STRING
input.Body.name == STRING
input.ReqMap.parent == STRING
input.Qs.mirroringEndpointGroupId == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroups.delete
valid {
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroups.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroups.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.orderBy == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.mirroringEndpointGroups.patch
valid {
input.Body.labels.STRING == STRING
input.Body.mirroringDeploymentGroup == STRING
input.Body.name == STRING
input.ReqMap.name == STRING
input.Qs.requestId == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.operations.cancel
valid {
input.Body.STRING == STRING
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.operations.delete
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.operations.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.operations.list
valid {
input.ReqMap.name == STRING
input.Qs.filter == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.serverTlsPolicies.create
enum_MTLSPolicyClientValidationMode := [ "CLIENT_VALIDATION_MODE_UNSPECIFIED", "ALLOW_INVALID_OR_MISSING_CLIENT_CERT", "REJECT_INVALID" ]
valid {
input.Body.allowOpen == BOOLEAN
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.mtlsPolicy.clientValidationCa[_].certificateProviderInstance.pluginInstance == STRING
input.Body.mtlsPolicy.clientValidationCa[_].grpcEndpoint.targetUri == STRING
input.Body.mtlsPolicy.clientValidationMode == enum_MTLSPolicyClientValidationMode[_]
input.Body.mtlsPolicy.clientValidationTrustConfig == STRING
input.Body.name == STRING
input.Body.serverCertificate.certificateProviderInstance.pluginInstance == STRING
input.Body.serverCertificate.grpcEndpoint.targetUri == STRING
input.ReqMap.parent == STRING
input.Qs.serverTlsPolicyId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.serverTlsPolicies.delete
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.serverTlsPolicies.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.serverTlsPolicies.getIamPolicy
valid {
input.ReqMap.resource == STRING
input.Qs.options.requestedPolicyVersion == INTEGER
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.serverTlsPolicies.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.serverTlsPolicies.patch
enum_MTLSPolicyClientValidationMode := [ "CLIENT_VALIDATION_MODE_UNSPECIFIED", "ALLOW_INVALID_OR_MISSING_CLIENT_CERT", "REJECT_INVALID" ]
valid {
input.Body.allowOpen == BOOLEAN
input.Body.description == STRING
input.Body.labels.STRING == STRING
input.Body.mtlsPolicy.clientValidationCa[_].certificateProviderInstance.pluginInstance == STRING
input.Body.mtlsPolicy.clientValidationCa[_].grpcEndpoint.targetUri == STRING
input.Body.mtlsPolicy.clientValidationMode == enum_MTLSPolicyClientValidationMode[_]
input.Body.mtlsPolicy.clientValidationTrustConfig == STRING
input.Body.name == STRING
input.Body.serverCertificate.certificateProviderInstance.pluginInstance == STRING
input.Body.serverCertificate.grpcEndpoint.targetUri == STRING
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.serverTlsPolicies.setIamPolicy
enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]
valid {
input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
input.Body.policy.auditConfigs[_].service == STRING
input.Body.policy.bindings[_].condition.description == STRING
input.Body.policy.bindings[_].condition.expression == STRING
input.Body.policy.bindings[_].condition.location == STRING
input.Body.policy.bindings[_].condition.title == STRING
input.Body.policy.bindings[_].members[_] == STRING
input.Body.policy.bindings[_].role == STRING
input.Body.policy.etag == STRING
input.Body.policy.version == INTEGER
input.Body.updateMask == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.serverTlsPolicies.testIamPermissions
valid {
input.Body.permissions[_] == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.tlsInspectionPolicies.create
enum_TlsInspectionPolicyMinTlsVersion := [ "TLS_VERSION_UNSPECIFIED", "TLS_1_0", "TLS_1_1", "TLS_1_2", "TLS_1_3" ]
enum_TlsInspectionPolicyTlsFeatureProfile := [ "PROFILE_UNSPECIFIED", "PROFILE_COMPATIBLE", "PROFILE_MODERN", "PROFILE_RESTRICTED", "PROFILE_CUSTOM" ]
valid {
input.Body.caPool == STRING
input.Body.customTlsFeatures[_] == STRING
input.Body.description == STRING
input.Body.excludePublicCaSet == BOOLEAN
input.Body.minTlsVersion == enum_TlsInspectionPolicyMinTlsVersion[_]
input.Body.name == STRING
input.Body.tlsFeatureProfile == enum_TlsInspectionPolicyTlsFeatureProfile[_]
input.Body.trustConfig == STRING
input.ReqMap.parent == STRING
input.Qs.tlsInspectionPolicyId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.tlsInspectionPolicies.delete
valid {
input.ReqMap.name == STRING
input.Qs.force == BOOLEAN
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.tlsInspectionPolicies.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.tlsInspectionPolicies.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.tlsInspectionPolicies.patch
enum_TlsInspectionPolicyMinTlsVersion := [ "TLS_VERSION_UNSPECIFIED", "TLS_1_0", "TLS_1_1", "TLS_1_2", "TLS_1_3" ]
enum_TlsInspectionPolicyTlsFeatureProfile := [ "PROFILE_UNSPECIFIED", "PROFILE_COMPATIBLE", "PROFILE_MODERN", "PROFILE_RESTRICTED", "PROFILE_CUSTOM" ]
valid {
input.Body.caPool == STRING
input.Body.customTlsFeatures[_] == STRING
input.Body.description == STRING
input.Body.excludePublicCaSet == BOOLEAN
input.Body.minTlsVersion == enum_TlsInspectionPolicyMinTlsVersion[_]
input.Body.name == STRING
input.Body.tlsFeatureProfile == enum_TlsInspectionPolicyTlsFeatureProfile[_]
input.Body.trustConfig == STRING
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.urlLists.create
valid {
input.Body.description == STRING
input.Body.name == STRING
input.Body.values[_] == STRING
input.ReqMap.parent == STRING
input.Qs.urlListId == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.urlLists.delete
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.urlLists.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.urlLists.list
valid {
input.ReqMap.parent == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
networksecurity.projects.locations.urlLists.patch
valid {
input.Body.description == STRING
input.Body.name == STRING
input.Body.values[_] == STRING
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
Updated 20 days ago