NETWORKSECURITY

networksecurity.organizations.locations.addressGroups.addItems

valid {
    input.Body.items[_] == STRING
    input.Body.requestId == STRING
    input.ReqMap.addressGroup == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.addressGroups.cloneItems

valid {
    input.Body.requestId == STRING
    input.Body.sourceAddressGroup == STRING
    input.ReqMap.addressGroup == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.addressGroups.create

enum_AddressGroupType := [ "TYPE_UNSPECIFIED", "IPV4", "IPV6" ]

valid {
    input.Body.capacity == INTEGER
    input.Body.description == STRING
    input.Body.items[_] == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.type == enum_AddressGroupType[_]
    input.ReqMap.parent == STRING
    input.Qs.addressGroupId == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.addressGroups.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.addressGroups.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.addressGroups.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.addressGroups.listReferences

valid {
    input.ReqMap.addressGroup == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.addressGroups.patch

enum_AddressGroupType := [ "TYPE_UNSPECIFIED", "IPV4", "IPV6" ]

valid {
    input.Body.capacity == INTEGER
    input.Body.description == STRING
    input.Body.items[_] == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.type == enum_AddressGroupType[_]
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.addressGroups.removeItems

valid {
    input.Body.items[_] == STRING
    input.Body.requestId == STRING
    input.ReqMap.addressGroup == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.firewallEndpoints.create

valid {
    input.Body.billingProjectId == STRING
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.ReqMap.parent == STRING
    input.Qs.firewallEndpointId == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.firewallEndpoints.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.firewallEndpoints.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.firewallEndpoints.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.firewallEndpoints.patch

valid {
    input.Body.billingProjectId == STRING
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.operations.cancel

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.operations.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.operations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.operations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfileGroups.create

valid {
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.threatPreventionProfile == STRING
    input.ReqMap.parent == STRING
    input.Qs.securityProfileGroupId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfileGroups.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.etag == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfileGroups.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfileGroups.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfileGroups.patch

valid {
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.threatPreventionProfile == STRING
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfiles.create

enum_SecurityProfileType := [ "PROFILE_TYPE_UNSPECIFIED", "THREAT_PREVENTION" ]
enum_SeverityOverrideAction := [ "THREAT_ACTION_UNSPECIFIED", "DEFAULT_ACTION", "ALLOW", "ALERT", "DENY" ]
enum_SeverityOverrideSeverity := [ "SEVERITY_UNSPECIFIED", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL" ]
enum_ThreatOverrideAction := [ "THREAT_ACTION_UNSPECIFIED", "DEFAULT_ACTION", "ALLOW", "ALERT", "DENY" ]

valid {
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.threatPreventionProfile.severityOverrides[_].action == enum_SeverityOverrideAction[_]
    input.Body.threatPreventionProfile.severityOverrides[_].severity == enum_SeverityOverrideSeverity[_]
    input.Body.threatPreventionProfile.threatOverrides[_].action == enum_ThreatOverrideAction[_]
    input.Body.threatPreventionProfile.threatOverrides[_].threatId == STRING
    input.Body.type == enum_SecurityProfileType[_]
    input.ReqMap.parent == STRING
    input.Qs.securityProfileId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfiles.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.etag == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfiles.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfiles.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.organizations.locations.securityProfiles.patch

enum_SecurityProfileType := [ "PROFILE_TYPE_UNSPECIFIED", "THREAT_PREVENTION" ]
enum_SeverityOverrideAction := [ "THREAT_ACTION_UNSPECIFIED", "DEFAULT_ACTION", "ALLOW", "ALERT", "DENY" ]
enum_SeverityOverrideSeverity := [ "SEVERITY_UNSPECIFIED", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL" ]
enum_ThreatOverrideAction := [ "THREAT_ACTION_UNSPECIFIED", "DEFAULT_ACTION", "ALLOW", "ALERT", "DENY" ]

valid {
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.threatPreventionProfile.severityOverrides[_].action == enum_SeverityOverrideAction[_]
    input.Body.threatPreventionProfile.severityOverrides[_].severity == enum_SeverityOverrideSeverity[_]
    input.Body.threatPreventionProfile.threatOverrides[_].action == enum_ThreatOverrideAction[_]
    input.Body.threatPreventionProfile.threatOverrides[_].threatId == STRING
    input.Body.type == enum_SecurityProfileType[_]
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.addItems

valid {
    input.Body.items[_] == STRING
    input.Body.requestId == STRING
    input.ReqMap.addressGroup == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.cloneItems

valid {
    input.Body.requestId == STRING
    input.Body.sourceAddressGroup == STRING
    input.ReqMap.addressGroup == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.create

enum_AddressGroupType := [ "TYPE_UNSPECIFIED", "IPV4", "IPV6" ]

valid {
    input.Body.capacity == INTEGER
    input.Body.description == STRING
    input.Body.items[_] == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.type == enum_AddressGroupType[_]
    input.ReqMap.parent == STRING
    input.Qs.addressGroupId == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.listReferences

valid {
    input.ReqMap.addressGroup == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.patch

enum_AddressGroupType := [ "TYPE_UNSPECIFIED", "IPV4", "IPV6" ]

valid {
    input.Body.capacity == INTEGER
    input.Body.description == STRING
    input.Body.items[_] == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.type == enum_AddressGroupType[_]
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.removeItems

valid {
    input.Body.items[_] == STRING
    input.Body.requestId == STRING
    input.ReqMap.addressGroup == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.addressGroups.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.authorizationPolicies.create

enum_AuthorizationPolicyAction := [ "ACTION_UNSPECIFIED", "ALLOW", "DENY" ]

valid {
    input.Body.action == enum_AuthorizationPolicyAction[_]
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.rules[_].destinations[_].hosts[_] == STRING
    input.Body.rules[_].destinations[_].httpHeaderMatch.headerName == STRING
    input.Body.rules[_].destinations[_].httpHeaderMatch.regexMatch == STRING
    input.Body.rules[_].destinations[_].methods[_] == STRING
    input.Body.rules[_].destinations[_].ports[_] == INTEGER
    input.Body.rules[_].sources[_].ipBlocks[_] == STRING
    input.Body.rules[_].sources[_].principals[_] == STRING
    input.ReqMap.parent == STRING
    input.Qs.authorizationPolicyId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.authorizationPolicies.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.authorizationPolicies.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.authorizationPolicies.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.authorizationPolicies.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.authorizationPolicies.patch

enum_AuthorizationPolicyAction := [ "ACTION_UNSPECIFIED", "ALLOW", "DENY" ]

valid {
    input.Body.action == enum_AuthorizationPolicyAction[_]
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.rules[_].destinations[_].hosts[_] == STRING
    input.Body.rules[_].destinations[_].httpHeaderMatch.headerName == STRING
    input.Body.rules[_].destinations[_].httpHeaderMatch.regexMatch == STRING
    input.Body.rules[_].destinations[_].methods[_] == STRING
    input.Body.rules[_].destinations[_].ports[_] == INTEGER
    input.Body.rules[_].sources[_].ipBlocks[_] == STRING
    input.Body.rules[_].sources[_].principals[_] == STRING
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.authorizationPolicies.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.authorizationPolicies.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.clientTlsPolicies.create

valid {
    input.Body.clientCertificate.certificateProviderInstance.pluginInstance == STRING
    input.Body.clientCertificate.grpcEndpoint.targetUri == STRING
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.serverValidationCa[_].certificateProviderInstance.pluginInstance == STRING
    input.Body.serverValidationCa[_].grpcEndpoint.targetUri == STRING
    input.Body.sni == STRING
    input.ReqMap.parent == STRING
    input.Qs.clientTlsPolicyId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.clientTlsPolicies.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.clientTlsPolicies.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.clientTlsPolicies.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.clientTlsPolicies.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.clientTlsPolicies.patch

valid {
    input.Body.clientCertificate.certificateProviderInstance.pluginInstance == STRING
    input.Body.clientCertificate.grpcEndpoint.targetUri == STRING
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.serverValidationCa[_].certificateProviderInstance.pluginInstance == STRING
    input.Body.serverValidationCa[_].grpcEndpoint.targetUri == STRING
    input.Body.sni == STRING
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.clientTlsPolicies.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.clientTlsPolicies.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.firewallEndpointAssociations.create

valid {
    input.Body.firewallEndpoint == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.network == STRING
    input.Body.tlsInspectionPolicy == STRING
    input.ReqMap.parent == STRING
    input.Qs.firewallEndpointAssociationId == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.firewallEndpointAssociations.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.firewallEndpointAssociations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.firewallEndpointAssociations.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.firewallEndpointAssociations.patch

valid {
    input.Body.firewallEndpoint == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.network == STRING
    input.Body.tlsInspectionPolicy == STRING
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.create

valid {
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.tlsInspectionPolicy == STRING
    input.ReqMap.parent == STRING
    input.Qs.gatewaySecurityPolicyId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.patch

valid {
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.tlsInspectionPolicy == STRING
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.rules.create

enum_GatewaySecurityPolicyRuleBasicProfile := [ "BASIC_PROFILE_UNSPECIFIED", "ALLOW", "DENY" ]

valid {
    input.Body.applicationMatcher == STRING
    input.Body.basicProfile == enum_GatewaySecurityPolicyRuleBasicProfile[_]
    input.Body.description == STRING
    input.Body.enabled == BOOLEAN
    input.Body.name == STRING
    input.Body.priority == INTEGER
    input.Body.sessionMatcher == STRING
    input.Body.tlsInspectionEnabled == BOOLEAN
    input.ReqMap.parent == STRING
    input.Qs.gatewaySecurityPolicyRuleId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.rules.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.rules.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.rules.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.gatewaySecurityPolicies.rules.patch

enum_GatewaySecurityPolicyRuleBasicProfile := [ "BASIC_PROFILE_UNSPECIFIED", "ALLOW", "DENY" ]

valid {
    input.Body.applicationMatcher == STRING
    input.Body.basicProfile == enum_GatewaySecurityPolicyRuleBasicProfile[_]
    input.Body.description == STRING
    input.Body.enabled == BOOLEAN
    input.Body.name == STRING
    input.Body.priority == INTEGER
    input.Body.sessionMatcher == STRING
    input.Body.tlsInspectionEnabled == BOOLEAN
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.operations.cancel

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.operations.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.operations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.operations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.serverTlsPolicies.create

enum_MTLSPolicyClientValidationMode := [ "CLIENT_VALIDATION_MODE_UNSPECIFIED", "ALLOW_INVALID_OR_MISSING_CLIENT_CERT", "REJECT_INVALID" ]

valid {
    input.Body.allowOpen == BOOLEAN
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.mtlsPolicy.clientValidationCa[_].certificateProviderInstance.pluginInstance == STRING
    input.Body.mtlsPolicy.clientValidationCa[_].grpcEndpoint.targetUri == STRING
    input.Body.mtlsPolicy.clientValidationMode == enum_MTLSPolicyClientValidationMode[_]
    input.Body.mtlsPolicy.clientValidationTrustConfig == STRING
    input.Body.name == STRING
    input.Body.serverCertificate.certificateProviderInstance.pluginInstance == STRING
    input.Body.serverCertificate.grpcEndpoint.targetUri == STRING
    input.ReqMap.parent == STRING
    input.Qs.serverTlsPolicyId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.serverTlsPolicies.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.serverTlsPolicies.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.serverTlsPolicies.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.serverTlsPolicies.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.serverTlsPolicies.patch

enum_MTLSPolicyClientValidationMode := [ "CLIENT_VALIDATION_MODE_UNSPECIFIED", "ALLOW_INVALID_OR_MISSING_CLIENT_CERT", "REJECT_INVALID" ]

valid {
    input.Body.allowOpen == BOOLEAN
    input.Body.description == STRING
    input.Body.labels.STRING == STRING
    input.Body.mtlsPolicy.clientValidationCa[_].certificateProviderInstance.pluginInstance == STRING
    input.Body.mtlsPolicy.clientValidationCa[_].grpcEndpoint.targetUri == STRING
    input.Body.mtlsPolicy.clientValidationMode == enum_MTLSPolicyClientValidationMode[_]
    input.Body.mtlsPolicy.clientValidationTrustConfig == STRING
    input.Body.name == STRING
    input.Body.serverCertificate.certificateProviderInstance.pluginInstance == STRING
    input.Body.serverCertificate.grpcEndpoint.targetUri == STRING
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.serverTlsPolicies.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.serverTlsPolicies.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.tlsInspectionPolicies.create

enum_TlsInspectionPolicyMinTlsVersion := [ "TLS_VERSION_UNSPECIFIED", "TLS_1_0", "TLS_1_1", "TLS_1_2", "TLS_1_3" ]
enum_TlsInspectionPolicyTlsFeatureProfile := [ "PROFILE_UNSPECIFIED", "PROFILE_COMPATIBLE", "PROFILE_MODERN", "PROFILE_RESTRICTED", "PROFILE_CUSTOM" ]

valid {
    input.Body.caPool == STRING
    input.Body.customTlsFeatures[_] == STRING
    input.Body.description == STRING
    input.Body.excludePublicCaSet == BOOLEAN
    input.Body.minTlsVersion == enum_TlsInspectionPolicyMinTlsVersion[_]
    input.Body.name == STRING
    input.Body.tlsFeatureProfile == enum_TlsInspectionPolicyTlsFeatureProfile[_]
    input.Body.trustConfig == STRING
    input.ReqMap.parent == STRING
    input.Qs.tlsInspectionPolicyId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.tlsInspectionPolicies.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.force == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.tlsInspectionPolicies.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.tlsInspectionPolicies.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.tlsInspectionPolicies.patch

enum_TlsInspectionPolicyMinTlsVersion := [ "TLS_VERSION_UNSPECIFIED", "TLS_1_0", "TLS_1_1", "TLS_1_2", "TLS_1_3" ]
enum_TlsInspectionPolicyTlsFeatureProfile := [ "PROFILE_UNSPECIFIED", "PROFILE_COMPATIBLE", "PROFILE_MODERN", "PROFILE_RESTRICTED", "PROFILE_CUSTOM" ]

valid {
    input.Body.caPool == STRING
    input.Body.customTlsFeatures[_] == STRING
    input.Body.description == STRING
    input.Body.excludePublicCaSet == BOOLEAN
    input.Body.minTlsVersion == enum_TlsInspectionPolicyMinTlsVersion[_]
    input.Body.name == STRING
    input.Body.tlsFeatureProfile == enum_TlsInspectionPolicyTlsFeatureProfile[_]
    input.Body.trustConfig == STRING
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.urlLists.create

valid {
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.values[_] == STRING
    input.ReqMap.parent == STRING
    input.Qs.urlListId == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.urlLists.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.urlLists.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.urlLists.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

networksecurity.projects.locations.urlLists.patch

valid {
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.values[_] == STRING
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}